Program Number: C020-15032016
Creating a Culture of Information Security
Activity Sponsor: PMINJ Chapter (C020)
PDUs: 1.5
Leadership - 1.5
Strategic - 0.0
Technical - 0.0
This presentation urges enterprises to adopt a culture of security and explains how enterprises can put one in place. Every enterprise has a corporate culture and one component of that is its attentiveness to the security, privacy and recoverability of its information resources. An information security culture – good or bad – exists in every enterprise. It is to the organization’s benefit to ensure that it is an intentional culture promoting strong, consistent and well-organized security. The first step to creating an information security culture is understanding management’s intentions and obtaining a clear-eyed assessment of the current state of an organization’s commitment to security. This helps to illuminate the gaps between expectations and reality. This presentation addresses the benefits of an intentional culture of information security, inhibitors to achieving a positive one and how to create, institutionalize and sustain an information security culture.
Steven Ross is Executive Principal of Risk Masters International and holds certification as a Certified Information Systems Security Professional (CISSP) as well as a Master Business Continuity Professional (MBCP) and a Certified Information Systems Auditor (CISA). Mr. Ross is a specialist in information systems security and control, focusing on Information Security, Business Continuity Management, and IT Disaster Recovery Planning services. He has implemented Information Security programs for numerous banks, government agencies and industrial corporations. Prior to founding Risk Masters, Mr. Ross was a Director and global practice leader with Deloitte.
In consulting engagements, Mr. Ross specializes in planning, policy development, implementation, and standardization of Information Security processes. In recent years, his focus has been on the prevention and detection of, and recovery from, natural and malicious attacks on information systems and business operations. He is editor of the multi-volume series e-Commerce Security and author of several of the books in the series, including e-Commerce Security: Public Key Infrastructure. He has recently published Creating a Culture of Security. Since 1998, Mr. Ross has regularly published the column “IS Security Matters” in the ISACA Journal.
Topic: Networking & LinkedIn Masters Gail Rolls and Michael Milutis Reveal PM-Specific Strategies
Topic: Interactive Session: Current Topics on PMO