View the presentation delivered at the BrightTalk Risk-based Security Summit on 11th May 2016.
Policy is the corner stone of any risk-based security programme. Policies are put in place not only to govern the way organisations operate, but also to mitigate risks, and as such, require board level backing and sign-off. Yet when it comes to security programmes, information risk (both internally and externally) is often presented in terms meaningless to the board of directors. Using a real-world example, this session will present a model for risk-based security that engages senior executives.
During this session you will learn about the frustrations facing executives when it comes to IT security, what you need to do to garner buy in and support, and a how this approach has been applied to a real-life Information Security Assurance Program.