Welcome Guest | |
Follow Us:
    
Newsletter Signup:
Twelve Recommendations for Your Information Security Strategy
Whether or not your company is directly affected, the global downturn will force you to rethink your security strategy. Here’s a 12-step game plan for today's CISO By Khalid Kark, Forrester Research, January 28, 2010

As security gets embedded into the day-to-day operations of business, the scope and complexity of the information security organization's responsibilities is increasing.
 
Security is not a standalone discipline anymore, and security professionals today need to look outward and understand the broader business context if they want to succeed in their job. Security also needs to be adaptable and adjust based on changing technological and economic environments.
 
The 12-step game plan for today's CISO
Whether you are directly affected or not, the global downturn will force you to rethink your existing security strategy and priorities. Some organizations will be affected more than others, but universally you should seek to:

1. Spend your budget on projects that impact the bottom line of the business. Let's be honest—most security projects can't be justified strictly on the basis of ROI. But certain projects can create efficiencies and have tangible cost savings while maintaining or even improving security. A project where you are automating or redesigning a process for greater efficiency or using the existing modules/features of a tool that you already have, instead of purchasing a new tool, will improve the bottom line of the business.

2. Develop a flexible and nimble approach for taking on large investment projects. Whether you are working with a vendor or doing it yourself, it's essential that you divide up large projects into small, digestible chunks. This becomes an absolute necessity in tough economic times, where you may not have budget or resources to work on the project a few months down the road. You want to have the flexibility to adjust the timeline and the investment on short notice. Some companies would pay a slightly higher cost to have the flexibility of shorter term contracts with their vendors.

3. Adopt managed services to get more bang for your buck. Organizations today are finding it difficult to keep up with the complexity of the threat landscape and finding the right competencies to staff their operations centers.

Many are turning to managed security services (MSS) for doing their job more efficiently and more competently. You may not save much money by using MSS, but you will get a lot more competency and 24/7 monitoring; more importantly, it will help you save on your capital expenditures that are tight now.



blog comments powered by Disqus
Featured Videos


 
    
 
Latest Security News
All Articles By Khalid Kark
Top Stories
Upcoming Webcast
"The Social Organization"
Attend Webcast on "The Social Organization" presented by Mark McDonald, Ph.D. Group Vice President, Gartner Fellow, Gartner Executive Programs - He discusses the approaches necessary to bring social media technology together with people to create mass collaboration and transform the way you work. This webcast discusses why it’s important to become a social organization rather than just having social media. Attend this webcast on Wednesday, February 8, 2012 at 11:00am
Interview
‘Employees are prioritizing device flexibility and work mobility over salary’
Mahesh Gupta, VP-Borderless Networks, Cisco India & SAARC discusses how enterprise mobility has become integral to an organization’s operational success
BankTech India - IT News for BFSI Segment
We're on Google+
InformationWeek India on Facebook