1 / 10

Selling Security to the Business

Selling Security to the Business. Peter Frøkjær ADP Global Security Organization @: peter.froekjaer@adp.com In: dk.linkedin.com/in/ froekjaer / : +45 6155 2021 / +1 530 683 5388. How Security communicate with the Business How to add value to the business

tuyet
Download Presentation

Selling Security to the Business

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Selling Security to the Business Peter Frøkjær ADP Global Security Organization @: peter.froekjaer@adp.com In: dk.linkedin.com/in/froekjaer/ : +45 6155 2021 / +1 530 683 5388 How Security communicate with the Business How to add value to the business How to build a Global Security Organization

  2. What is ADP? • Payroll Services, Human Resource Management & Benefits Administration • Dealer Management System & Digital Marketing Solutions

  3. Security as a Business Enabler • The way Security interact with the business has changed. • Today, however the time where the default answer from Security was “No” has changed. We are now primarily Influencing and motivating the Business as a key Player. • We are now supporting Business Decisions, providing Security Services, ensuring Compliance and adding Business Value by Political Influence. • To be a Successful Influencer, we need to understand the Business Strategy. • We are responsible to design our communication to fit the recipients!

  4. How should Security navigate in a global Enterprise? • Build a Global Security Organization(and Business Security Org.) : • Integrate into the Business. • Integrate into IT, and other critical processes.

  5. Communicate with the business • The Language Of The Boardroom: RI$K!! • Security MUST learn the language of the Business. • Expect the unexpected • You don’t know what you don’t know. Understand and Adapt toCultural differences. Understand and Adapt toPersonalities and Personality Types. geert-hofstede.com/countries.html • Jungian theory on personality types

  6. Communicating with the Business • BU Requests and Consumes Consulting & Services • GSO Provides Consulting & Services • GSO Drives Projects, Program & Policies

  7. An example of: Influence by motivation EU Data Protection proposals -Administrative sanctions • Fines of up to 250,000 EUR or 0.5% of annual worldwide turnover (mechanisms for requests or non- response) • Fines of up to 500,000 EUR or 1% of annual worldwide turnover (incomplete information, not transparent, right to be forgotten, form/format) • Fines of up to 1,000,000 EUR or 2 % of annual turnover (no legal basis, no representative, security provisions, breach reporting)

  8. Add value to the Business:Monitor Security events and detect Fraud Enterprise Reporting RSA and other Anti-Fraud Command Centers Data Value Geo Info Division Identity GRC Event Enrichment Incidents Threats Assets Aggregation • Protect and ensure: • Integrity of the Brand • Client Assets • Personal Info • Compliance • DLP Location Business Regulation NCC Asset Value CIRC SCC

  9. Add value to the Business:Securely implement Business Enabling technologies Enterprise Reporting Internet • Mobile access • Web Services • New Innovation Firewall • SSL Offload • Adoptive Authentication • Web Application Firewall • Load Balancing Data Value Geo Info Division Identity PDAN F5 GRC PDAN Event Enrichment Firewall Incidents Threats Assets Aggregation Web Firewall PDAN App Location Business Regulation NCC Asset Value Firewall CIRC SCC PDAN DB

  10. Thank You – Q&A Enterprise Reporting Security Events Data Value Geo Info Division Identity IDS GRC DPI VPN WAF AI Auth AV Event Enrichment MDM DLP SB Incidents Threats Assets Aggregation FW URL uVM WLAN AD Location Business Regulation NCC Asset Value CIRC SCC

More Related