ians connector event deck: factor 3
TRANSCRIPT
Connector Events
See the Big Picture
IANS Connector Events bring together small groups of
senior-level information security professionals from a
broad spectrum of industries and experiences for
facilitated deep-dive discussions of important challenges
and solutions in the information security space.
Your community is a resource: through intimate peer-to-
peer conversations around common issues, solutions,
and suggestions for improvement, you’ll gain insight into
varying perspectives and develop new ideas to accelerate
your problem-solving efforts.
How can you embed information security
risk assessment into key processes?
IANS’ research shows that CISOs and their teams
typically don’t have a large role in enterprise risk
decisions – and when information security isn’t involved
in decisions early on, the team is often forced to work
much harder, but may achieve much less. How can you
ensure that security is asked for input when your
company deploys new software, commits to new
vendors, launches new product initiatives, and
considers mergers and acquisitions?
At a recent event, we posed the question:
“Currently security is an after
thought - it is not incorporated up
front in the business process.
Security is perceived as a road
block in most instances, also
development teams seem to think
they have security expertise within
their group.”
“We have an engagement
process but there are
other factors in the "way
we approve" initiatives that
sometimes leaves us in
the dark.”
Attendees discussed the challenges …
“… we have limited
Infosec personnel to
actively review for
risk.”
… and through that discussion, shared
thoughts on how to address the problem.
• Work with executive leaders to gain support for
requiring risk evaluations for key projects.
• Establish agreements with Finance and Legal that
compel assessment of new vendors before contracts
• If development is done in-house, institute app-level
penetration testing, training for developers, and
secure coding guidelines.
At at Connector
Event, you will:
• Gain insight into the challenges and roadblocks
you and your peers share.
• Learn about new and unique approaches to
common issues and topics
• Take away problem-solving ideas that you can
apply in your own organization.