Sunday, October 11, 2009

Focus on securing business processes not the process of securing

The title comes from a list of conclusions I gave at a presentation called Does IT Security Matter? just before Christmas in 2007. The wonderful thing about the writing process is that every now and again you hit upon a pithy phrase like that which communicates so much. But it's like mining for gold - you have to move a lot of earth to find the nuggets.

The full presentation is available on Sribd as shown below. There have been about 1200 reads and 240 downloads. Re-reading it now, the presentation could do with an update, however the core messages are still valid. My main conclusions were
  • There is a dependency between IT and IT Security but not a strategic relation
  • IT and IT Security are good neighbours but not good friends
  • IT Security is one area competing for attention and funding, amongst many
  • If you don’t make IT security matter, it won’t
  • Focus on securing business processes not the process of securing
  • Excel is your new best friend - make your spreadsheets work with their (business) spreadsheets

Does IT Security Matter?

1 comment:

akalili said...

how to improve the vulnerability of a5/1 stream cipher?