One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 409104 |
| Date de publication | 2017-08-14 15:29:01 (vue: 2017-08-14 15:29:01) |
| Titre | NBlog August 14 - why infosec? |
| Texte |  Today I'm revising the InfoSec 101 presentation for general employees, starting with a brief introductory slide addressing questions along the lines of "What's the point of information security?" and "Why are you even telling me about it?".It's not as easy as you might think to answer such fundamental questions, simply, for someone who may have no background or interest in the topic. So I went Googling for inspiration, and came across this neat list of infosec benefits from a company called Global Strategic:Demonstrates a clear commitment to data security- including confidentiality and strict accessibility rules;Provides procedures to manage risk;Keeps confidential information secure;Provides a significant competitive advantage;Ensures a secure exchange of information;Creates consistency in the delivery our services;Allows for inter-operability between organizations or groups within an organization;Builds a culture of security;Protects the company, assets, shareholders, employees and clients;Gives assurance that a third party provider takes your data security (and your business) as seriously as you doSome of those are not terribly helpful for our awareness purposes. A benefit of information security is security or protection [of information], yes, but that's obvious from the phrase! It doesn't move us forward.Risk management is definitely a core purpose of infosec. I'm not keen on the idea that infosec 'provides procedures' though. Infosec is an overall approach, rather than simply a set of procedures or processes. "Infosec lets us manage risks" is closer to the mark, I think, or maybe "We use infosec to manage information risks". Hmmm.Competitive advantage is another good one, although I think I would prefer talk about 'enabling the business'. Whereas managers are presumably familiar with the concept of competitive advantage, I'm not sure about general employees. 'Enabling' is a fairly complex concept too, so "Infosec is good for business" would be an even better way to express it.Re the notions of securely exchanging information and inter-operability: those seem quite narrow and specific to me - parts of infosec, for sure, but arguably too obscure for a relatively naive audience. They are technocentric, too, whereas we are keen to position infosec more broadly than just IT or cybersecurity. |
| Envoyé | Oui |
| Condensat | consistency 101 able about accessibility accordingly across addressing advantage advantage;ensures all along although another answer approach are arguably aside assets assurance audience august awareness background being benefit benefits better between bogged brief broadly building business but called came can cia clear clients;gives closer commitment company competitive completely complex compliance concept confidential confidentiality consistency contemplating continue core culture cybersecurity data definitely delivery doesn dosome down dozen driver easy else employees enabling even exchange exchanging express fairly familiar figure forward from fundamental general generating get global good googling groups have helpful here hmmm how idea important including information information;creates infosec inspiration inter interest introductory just keen key language lets like lines list maintaining manage management managers mark may maybe meanwhile mentioning messages might more most move naive narrow naturally nblog neat not notes notion notions obscure obvious one operability operability: organization organization;builds organizations out overall parts party people perfectionist phrase plain point points position powerpoint prefer presentation presentations presumably procedures processes protection provider provides purpose purposes put questions quite rather refining relatively reminds researching revise revising risk risk;keeps risks rules;provides safety say secrecy secure secure;provides securely security security;protects seem seriously service services;allows set several shareholders significant simpler simply since slide slides someone something speaker specific starting strategic:demonstrates strict such sure takes talk technocentric telling terribly than that things think third those though today too topic triad trust update use vague way well went what whereas who why will within worth would yet your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.