Paul Proctor
Paul Proctor
address becoming data detection enables management proactive providers risk support system systems trouble
Workflow system support by vulnerability management system providers is becoming more important as the need for proactive risk management and remediation grows, ... Integrating prioritized vulnerability and risk data with trouble ticketing systems enables enterprises to more effectively address the vulnerability management lifecycle from detection through remediation.
affect bottom business operations people risks security speak talking tend unit weigh whereas
In some companies, operations and the business unit not only speak a different language, but have no way of talking about risks. Security people tend to think 'It's a risk, we can't have it,' whereas business people weigh risks and how they could affect the bottom line.
business needs potential returns security understand
The CISO needs to be able to understand the business, and the potential returns on any security investment,
ability activity communication decision determine excellent executive good highly information knowledge lacking oral political report requiring risk security skills written
The ability to determine what constitutes risk, and the requirement to report that risk to executive decision makers, can be a highly political activity requiring excellent written and oral communication skills with a good knowledge of business. Generally, these skills have been lacking in traditional technically-oriented information security specialists,
board change ultimately
Ultimately the change has to come from the board down.