tips and ideas to help sell your security program n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Tips and Ideas to Help Sell Your Security Program PowerPoint Presentation
Download Presentation
Tips and Ideas to Help Sell Your Security Program

Loading in 2 Seconds...

play fullscreen
1 / 10

Tips and Ideas to Help Sell Your Security Program - PowerPoint PPT Presentation


  • 99 Views
  • Uploaded on

Tips and Ideas to Help Sell Your Security Program. Practical Lessons Learned as the Principal Security Officer in Systems at the Social Security Administration. Agenda for This Talk. Periodically, assess the health of your security program Network to maximize your resources

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Tips and Ideas to Help Sell Your Security Program' - Gabriel


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
tips and ideas to help sell your security program

Tips and Ideas to Help Sell Your Security Program

Practical Lessons Learned as the Principal Security Officer in Systems at the Social Security Administration

agenda for this talk
Agenda for This Talk
  • Periodically, assess the health of your security program
  • Network to maximize your resources
  • Stay abreast of new governing directives, emerging technologies, audit reports…
  • Communicate with management regularly
  • Let KISS be the rule for all briefings and presentations to sell your security program
determine the security health of your work environment
Determine the Security Health of Your Work Environment
  • Know your management’s expectations – Check periodically because it is not static
  • Review previous audits, reviews, etc. that can help you determine known challenges
  • Depending on your scope of responsibility and authority, make a list of things to do and/or delegate to others based on NEED
  • Keep management abreast of security accomplishments/challenges/key changes
networking is important
Networking is Important
  • Establish and maintain internal/external networks – peers are a valuable asset
  • Find ways to partner with managers and other key people outside of security staff
  • When you have more to accomplish than the resources available, be creative in finding others who will benefit from project
  • Share the glory and show your gratitude in ways that COUNT to the recipient!
stay informed
Stay Informed
  • Maintain primary references and know where/how/who to find secondary sources
  • Basic KSAs are needed to perform well
  • Stay tuned to NIST, GAO, OMB, OIG, etc.
  • Keep alert about new projects, challenges, organizational changes, policies, laws, etc.
  • Read about new technologies/techniques
  • Review audit reports, security reviews, etc.
communicating with senior management
Communicating with Senior Management
  • Communicate at the level of relevance
  • Communicate regularly by being creative
  • Focus on the business case vs. penalty
  • KISS test all briefings, be specific, never mention a problem without solutions, ask open questions and seek council/advice
  • Always include some good news
  • Be prepared and provide timely follow-up
selling security
Selling Security
  • Document substantive security briefings as a security awareness activity.
  • Meet program/project managers regularly to assist them in assessing risks, knowing their security responsibilities, etc.
  • Customize interesting awareness activities to meet the needs of the audience
  • Be committed, enthusiastic, simplistic, and relevant to real world needs/experiences
stay informed and share knowledge willingly
Stay Informed and Share knowledge Willingly
  • You may need to do homework again!
  • Stay focused on the business reasons for mitigating risks vs. the legal requirements
  • Efficient, almost non-disruptive strategies to address weaknesses are easier to sell
  • Seek innovative ways to teach the ABCs of security outside the classroom setting
  • A series of short relevant briefings may be easier to sell than a lengthy training class
concluding thoughts
Concluding Thoughts
  • A positive attitude and your willingness to make all communications relevant are essential
  • Routinely sharing articles and websites of potential interest are best when accompanied by a synopsis and comment on relevance.
  • Communications are often better late in the day
  • Volunteer: join project teams, prepare briefings on security related documents, sell yourself as one who prevents, detects and solves problems!