Upload
selectedpresentations
View
49
Download
2
Embed Size (px)
Citation preview
Session ID:
Session Classification:
Caroline Wong, CISSP Symantec
STU-W27B
Intermediate
SECURITY SMARTS FOR THE SELF-GUIDED IT PROFESSIONAL
Presenter Logo
► The job of the defender is to protect against an infinite number of attacks. However, a defender will always have a limited amount of resources with which to do this. The real job of the security practitioner is to prioritize remediation efforts by risk, so that the limited resources can be focused on addressing the greatest risks to the business.
Visibility & Decision-making
Presenter Logo
► ► Compliance
► Highest Risk
► Business Enabling Security Practices
► ► Process Improvement
► Technology Improvement
► Audit Findings
►
► What Needs to Be Discussed
► ► Technology Evaluations
► Cloud Provider Metrics and Evaluations
Define Objectives
Presenter Logo
► Why is it important?
► Factors to consider ► Compliance
► Risk Reduction
► Threat Analysis
► Alignment with Top Business Objectives
Define Your Priorities
Presenter Logo
► Why Stakeholder Engagement is Important
► Preparing for a Buy-In Discussion
► Meeting, Explaining, Asking, Documenting
► Examples ► CEO
► CFO
► BU Leader
Key Messages and Key Audiences