What’s the mission of your security program? Is it to proactively secure the company against a compromise of confidentiality, integrity, and availability, or is it to protect the company brand by effectively preventing, detecting, and responding to cyber-threats?
Check out this post for the basis of our conversation on this week’s episode, which features me, David Spark (@dspark), producer of CISO Series, guest co-host Steve Zalewski, CISO, Levis, and our guest, Johna Till Johnson (@JohnaTillJohnso), CEO, Nemertes Research.
During the video chat we discuss these two options. They’re written out here for your easy reference.
Option 1: A strategic security program is necessary to proactively SECURE THE COMPANY against a compromise of the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY of Logical (Business Systems) and Operational (Retail Store/Warehouse/Powerplant/Hospital Systems) multi-national assets.
Option 2: To PROTECT THE COMPANY BRAND, we will modernize our security capabilities in order to effectively PREVENT, DETECT and RESPOND to cyber-threats that impact the business revenue stream(s) of the company.
Thanks to this week’s sponsor, Trend Micro

In this episode
- Security mission option 1: protecting the company
- Security mission option 2: protecting the brand & revenue stream
- Does one lead to/support the other?
- Does the degree of cloud presence make a difference?
- How much of this is technical vs philosophical?