Time
1 hour 2 minutes
Difficulty
Advanced
CEU/CPE
1

Video Transcription

00:01
hello and welcome back to revenue quotation as a C. So
00:07
in this module
00:08
we will discuss why business goes must lead effective ways to align security goes with business goals and why security policies are imported.
00:23
Alighting security with business goals. So quote from Devin Brian, which is one of my mentors.
00:32
It takes proper balance of threat driven, risk based trade offs to make sure that cybersecurity programs, policies and strategies enable businesses to go further and faster.
00:44
So you've implemented all these new programs and
00:48
done all these wonderful things.
00:51
But
00:52
are they alive with the business goals? Are you implementing
00:59
procedures, strategies
01:03
that ally with the goals of the business or you operating in a silo?
01:11
The process of alignment starts with understanding the business,
01:17
speaking in the language of the business, prioritizing partnerships with the business units and other leaders,
01:23
communicating the risk of actions or inactions to those individuals.
01:30
And the quantifying risks, as we mentioned bores care about money
01:34
live with the board's decision.
01:38
So don't become so emotionally tied to an outcome that you feel is important and it probably is. It's super important, but it's important to you and you only If it's not implemented, will the company go out of business? Probably not.
01:57
Will it make your job a little bit harder
02:00
in May? And that may be why you're so you mostly invested into it. But these air some questions that you have to ask yourself,
02:08
Um,
02:10
when you start going down that path
02:15
recognizing what the goal of the businesses and how security supports and enables the business to generate revenue
02:24
you Yes, you are the protector, the guardian, Trusted advisor of the business. You're protecting the digital assets. Yes, that is you. But you have to do so in a manner that you're not blocking business. You're not causing productivity losses that you're not
02:45
putting
02:46
revenue generation at risk. But in further efforts, you should find areas of opportunity to integrate
02:58
security into the business
03:00
and once again gain that stakeholder buy in by being the trusted adviser.
03:06
By taking the proactive approach and not a reactive approach and staying
03:12
at the forefront of news and trends, you may not have the budget to implement those, but as we're finding out now, they're in this cove it 19 pandemic.
03:23
We had a lot of under used or underutilized tools. So take the opportunity to look at what you have and find out if there's more value that you can know squeeze out of it. But also, when you're going on those procurement expeditions, I like to call
03:44
looking solutions that can complement
03:47
what you're doing and that don't require a lot of, um,
03:53
I say adaptation
03:54
and thats meaning that you don't have to change the way that you do business or work flows to accommodate a security tool because that's going back to being a blocker, right? You're causing productivity losses. So
04:09
all of this ties back into
04:12
aligning with the business and the goals of the business, and if you do that, you will be successful in your security program.

Up Next

Revenue Protection as a CISO

In this course you will learn strategies to transform the way your security program is viewed.

Instructed By

Instructor Profile Image
Terence Jackson
Chief Information Security and Privacy Officer
Instructor