Skip to main content

Posts

Showing posts from December, 2016

Featured

How Security Architecture Supports Business Drivers

The Enterprise Information Security Architect is a crucial position within IT security and is often challenging and stressful. The job forms the “glue” that bridges the technological aspects of security and business drivers. The architect must have a solid understanding of the business architecture to design the best security systems possible that not only do not impede the business but enable business opportunities.  Also, the position must exhibit a management presence to articulate to senior executives the conceptual architecture and how it will impact business operations.
Through the many years as a security practitioner, I find organizations who are using existing security controls that are not effective. When engaged in these projects part of the risk assessment conducted is determining if there is sufficient protection for information that should be shared with employees, customers, business partners, and the general public. The risk assessment is a crucial step when designing…

Five Signs of CISO Complacency