1. ISSA ASIS Western Security Conference, May 22, 2008
Influencing the Future of Security in Your Organization
Dr. Pamela Fusco
CISSP, CISM, CPP, CHS-III, IAM
Chief Security Strategist
FishNet Security
Director, ISSA International
2. Moving With The Innovation Era
Innovation relies on the "human element"
Depict technology for all levels to understand
Compare apples and oranges
Understanding the culture
Early adopters vs. good followers
Custom vs. open source vs. vendors
Knowledge vs. understanding
Corrective actions
Delete vs. deleted
3. Transformation Effects of Technology
Automobiles: 1985 most expensive car in USA was the Cadillac at $17K
12 MPG & weighed > 1 ton
If the automobile industry had achieved the same momentum as the technology industry
The cost of a Cadillac would be $12.63, get 5500 MPGs, weigh 14 lbs at 3ft long
Today's Taurus has more computing power than the 1st lunar landing device
4. Useful or Useless
Banging your head against the wall burns 150 calories
Human brain stops growing at 18 yrs, but can store more than 4 terabytes of data
"Everything that can be invented has been invented" (US Patent Office, 1899)
One edition of the NY Sunday Times has more information in it than a typical human was exposed to during his/her lifetime 100 yrs ago
5. Interpretation & Retention of Information
Starfish have no brains
Some birds' eyes weigh more than their brains
Neither horses nor whales can vomit
Nose prints are a dog's fingerprints
Man has survived on earth 2 million years, dinos lasted 1.5 million
6. About the Cookies
50% less fat
Reduced Carbs
Reduced calories
No trans fats
Great taste
Reduced fat because the size is reduced and price increased?
7. IT Has Changed Our Lives Forever
Technology is the powerful force supporting and in many instances FORCING change
The greatest technological growth has transpired over the past 20 yrs with the most significant impact in the 21st century (in this decade)
Corporate, government, private
Personal lives (all ages)
iPhone
Tom Tom - already outdated
Movies, Videos, DVD
Music, LPs, 8 tracks, CDs, iPod
Mail (snail mail gets even slower)
E, IM, VM
8. Keeping Current: Most Difficult
9. We Talked About
How information and concepts are received and potentially understood
Impact of technology on
Consumers
You, Me
Corporations
Now let's delve into how to make it all benefit YOU
10. A change agent's or change leader's capabilities have a major impact on the success or failure of the program, and on the extent of potential unwanted side-effects
11. Leaders of the 21st Century
Significant shortage within the next 5 yrs for seasoned and well versed leaders
Our managers and leaders of the future need to have soft skills to be able to communicate at all levels, influence others, understand and/or create partnerships
12. IT as a Second Language
Getting them to understand
Getting them to retain what you told them
Keep the technologists happy
If your boss is not detail oriented and you are
If your boss is detail oriented and you are NOT
13. Show and Tell Time
Unknowingly accepting risk levels far beyond an organization's risk tolerance
Gaps in technology capabilities have clear business impacts
Underinvestment results in unacceptable risk tolerance
Launch a comprehensive technology integrity program that meets the demands & needs of today and meets the needs of the future
Who are you representing? (CIO, CEO, BOD?)
Multiple industries, regulators, auditors and practitioners
14. CSI survey results (CSO)
CIO/infoweek results
15. CSO CIO
Too much work
Too much $$$ and not technology
Too much time
Too much too much for not so much
Reactive
Side tracked other critical programs
There is too much more to be done
Processes established
Keep the CEO out of Jail
BOD is in the know
Metrics and reporting consistent (?)
Identified potential issues, curtailing critical concerns
Proactive
We did it
16. CSO Security Focus
17. Underinvestment Results In Unacceptable Risk Tolerance
Explain that Gartner looks at what they spend on information security, then relates it to what people typically spend based on risk tolerance
Based on Merck's spend they are more closely aligned w/ a company in manufacturing
Pfizer and J&J moving into the blue; number is probably in the 6-12% range, near-term target
18. Unknowingly Accepting Risk
19. Effective Data Integrity Approach
Data Classification
20. Vet the Vision: The Organization in 5 Yrs
FishNet Security offers each customer
Our commitment to provide
Our ability to leverage
Our relationships we cultivate
Our comprehensive portfolio
Our reputation
21. Execution thru strategic vision
22. Understanding the Human Channel Capacity & Transactive Memory theories
You have to be willing to take chances on yourself
Consider what the worst and best outcome may be
If you try you will never be a failure
Too hard or difficult to do or understand = circumvention
10-15 character passwords - Don't write it down
Trans-Mem, tapping into your greatest resources and encouraging those resources to communicate the information
The people's technology will wiggle its way in
Figure out how to implement vice discourage
Give it back to them to figure out
Get the users to provide plausible solutions for the use of popular devices (Get them involved)
23. Thank you for your time and attention.
Questions?
Go to the end of the branch, that is where the fruit is...