SlideShare a Scribd company logo

IANS Connector Event Deck: Factor 3

Andrew Sanders, profile picture
Andrew Sanders

IANS connector events gather senior-level information security professionals to engage in discussions on challenges and solutions within the field. These events emphasize the importance of integrating information security into business processes to avoid being sidelined in decision-making, especially for new software and vendor engagements. Participants share insights and strategies to improve risk assessment practices and overcome limitations in information security personnel.

Internet
1 of 6
Download to read offline
1
2
3
4
5
6
Connector Events
See the Big Picture IANS Connector Events bring together small groups of senior-level information security professionals from a broad spectrum of industries and experiences for facilitated deep-dive discussions of important challenges and solutions in the information security space. Your community is a resource: through intimate peer-to- peer conversations around common issues, solutions, and suggestions for improvement, youโ€™ll gain insight into varying perspectives and develop new ideas to accelerate your problem-solving efforts.
How can you embed information security risk assessment into key processes? IANSโ€™ research shows that CISOs and their teams typically donโ€™t have a large role in enterprise risk decisions โ€“ and when information security isnโ€™t involved in decisions early on, the team is often forced to work much harder, but may achieve much less. How can you ensure that security is asked for input when your company deploys new software, commits to new vendors, launches new product initiatives, and considers mergers and acquisitions? At a recent event, we posed the question:
โ€œCurrently security is an after thought - it is not incorporated up front in the business process. Security is perceived as a road block in most instances, also development teams seem to think they have security expertise within their group.โ€ โ€œWe have an engagement process but there are other factors in the "way we approve" initiatives that sometimes leaves us in the dark.โ€ Attendees discussed the challenges โ€ฆ โ€œโ€ฆ we have limited Infosec personnel to actively review for risk.โ€
โ€ฆ and through that discussion, shared thoughts on how to address the problem. โ€ข Work with executive leaders to gain support for requiring risk evaluations for key projects. โ€ข Establish agreements with Finance and Legal that compel assessment of new vendors before contracts โ€ข If development is done in-house, institute app-level penetration testing, training for developers, and secure coding guidelines.
At at Connector Event, you will: โ€ข Gain insight into the challenges and roadblocks you and your peers share. โ€ข Learn about new and unique approaches to common issues and topics โ€ข Take away problem-solving ideas that you can apply in your own organization.

More Related Content

PDF
What is an IANS Connector Event? - Factor 3
IANS
ย 
PDF
What is an IANS Connector Event?
Andrew Sanders
ย 
PDF
IANS Connector Event Deck: Factor 2
Andrew Sanders
ย 
PDF
What is an IANS Connector Event? - Factor 6
IANS
ย 
PDF
IANS Connector Event Deck: Factor 5
Andrew Sanders
ย 
PDF
What is an IANS Connector Event? - Factor 5
IANS
ย 
PPTX
Helen Patton - Cross-Industry Collaboration
centralohioissa
ย 
PPTX
Bill Lisse - Communicating Security Across the C-Suite
centralohioissa
ย 
What is an IANS Connector Event? - Factor 3
IANS
ย 
What is an IANS Connector Event?
Andrew Sanders
ย 
IANS Connector Event Deck: Factor 2
Andrew Sanders
ย 
What is an IANS Connector Event? - Factor 6
IANS
ย 
IANS Connector Event Deck: Factor 5
Andrew Sanders
ย 
What is an IANS Connector Event? - Factor 5
IANS
ย 
Helen Patton - Cross-Industry Collaboration
centralohioissa
ย 
Bill Lisse - Communicating Security Across the C-Suite
centralohioissa
ย 

What's hot (20)

PPTX
Tre Smith - From Decision to Implementation: Who's On First?
centralohioissa
ย 
PPTX
Keith Fricke - CISO for an Hour
centralohioissa
ย 
PPTX
Chris Clymer & Jack Nichelson - How to Secure Things & Influence People: 10 C...
centralohioissa
ย 
PDF
Tunnel Vision Is Hurting Your Security: Time to See the Forest for the Trees
Enterprise Management Associates
ย 
PPT
How International Startups Leverage Networks In Their Own Backyard Nasscom Fr...
OMcareers Community
ย 
PPTX
March 2014 aceds portfolio c&g kroll webinar
David Kearney
ย 
PPSX
Gescompanies 11
caleb Ping Keung sam
ย 
PDF
Iid infoshare exec_summary final
Andrew_Goss
ย 
PDF
Big data security in the cloud: Buzzword Bingo!
Spiceworks Ziff Davis
ย 
PPT
How to Connect Your Server Room to the Board Room โ€“ Before a Data Breach Occurs
SurfWatch Labs
ย 
PPT
The Art & Science of Simple Security
Ravila White
ย 
PPTX
The Data-Driven Transformation of the Distribution Utility
Jill Kirkpatrick
ย 
PDF
Elastic's recommendation on keeping services up and running with real-time vi...
FaithWestdorp
ย 
PDF
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
ย 
PPTX
TEC/W. Capra Cyber Security and Risk Management Roundtable - January 2016 Sum...
WCapra
ย 
PDF
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
Dell EMC World
ย 
PPT
Liability the next show stopper
ePSI Platform
ย 
PDF
Nailing Jello To The Wall
veraxpoint
ย 
PPT
Strategies for cyber resilience - Everyone has a Role
Kevin Duffey
ย 
PPTX
Corporate Governance And Cloud Computing
itnewsafrica
ย 
Tre Smith - From Decision to Implementation: Who's On First?
centralohioissa
ย 
Keith Fricke - CISO for an Hour
centralohioissa
ย 
Chris Clymer & Jack Nichelson - How to Secure Things & Influence People: 10 C...
centralohioissa
ย 
Tunnel Vision Is Hurting Your Security: Time to See the Forest for the Trees
Enterprise Management Associates
ย 
How International Startups Leverage Networks In Their Own Backyard Nasscom Fr...
OMcareers Community
ย 
March 2014 aceds portfolio c&g kroll webinar
David Kearney
ย 
Gescompanies 11
caleb Ping Keung sam
ย 
Iid infoshare exec_summary final
Andrew_Goss
ย 
Big data security in the cloud: Buzzword Bingo!
Spiceworks Ziff Davis
ย 
How to Connect Your Server Room to the Board Room โ€“ Before a Data Breach Occurs
SurfWatch Labs
ย 
The Art & Science of Simple Security
Ravila White
ย 
The Data-Driven Transformation of the Distribution Utility
Jill Kirkpatrick
ย 
Elastic's recommendation on keeping services up and running with real-time vi...
FaithWestdorp
ย 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Digital Guardian
ย 
TEC/W. Capra Cyber Security and Risk Management Roundtable - January 2016 Sum...
WCapra
ย 
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
Dell EMC World
ย 
Liability the next show stopper
ePSI Platform
ย 
Nailing Jello To The Wall
veraxpoint
ย 
Strategies for cyber resilience - Everyone has a Role
Kevin Duffey
ย 
Corporate Governance And Cloud Computing
itnewsafrica
ย 
Ad

Viewers also liked (7)

PPTX
Packets, routers and ip addresses
HANNAHb12345
ย 
PDF
CHPROTFOLIO comp NEW
Craig Henderson
ย 
PDF
IANS Connector Event Deck: Factor 4
Andrew Sanders
ย 
PDF
IANS Connector Event Deck: Factor 6
Andrew Sanders
ย 
PDF
IANS 2015 RSA Presentation
Andrew Sanders
ย 
PDF
The 7 Factors of CISO Impact
Andrew Sanders
ย 
PPTX
Bearing
rkk07
ย 
Packets, routers and ip addresses
HANNAHb12345
ย 
CHPROTFOLIO comp NEW
Craig Henderson
ย 
IANS Connector Event Deck: Factor 4
Andrew Sanders
ย 
IANS Connector Event Deck: Factor 6
Andrew Sanders
ย 
IANS 2015 RSA Presentation
Andrew Sanders
ย 
The 7 Factors of CISO Impact
Andrew Sanders
ย 
Bearing
rkk07
ย 
Ad

Similar to IANS Connector Event Deck: Factor 3 (20)

PDF
What is an IANS Connector Event? - Factor 1
IANS
ย 
PPSX
Meraj Ahmad - Information security in a borderless world
nooralmousa
ย 
PPTX
5 Ways to Reduce 3rd Party Developer Risk
Security Innovation
ย 
PDF
Improving Cyber Security Literacy in Boards & Executives
Tripwire
ย 
PPTX
Automation of Information (Cyber) Security by Joe Hessmiller
Joe Hessmiller
ย 
PPTX
Reduce Third Party Developer Risks
Kevo Meehan
ย 
PDF
New technologies - Amer Haza'a
Fahmi Albaheth
ย 
PPT
Does IT Security Matter?
Luke O'Connor
ย 
PDF
SBIC Report : Transforming Information Security: Future-Proofing Processes
EMC
ย 
PDF
Top 10 IT Security Issues 2011
Redspin, Inc.
ย 
PPTX
Automation of Information (Cyber) Security
Computer Aid, Inc
ย 
PPTX
Comprehensive risk management for a cyber secure organization
Joe Hessmiller
ย 
PDF
Security Program Guidance and Establishing a Culture of Security
Doug Copley
ย 
PDF
Infosec russia cnemeth_v1.2.ppt
Christophe Nรฉmeth (CISSP / CISM)
ย 
PDF
Fdic ffiec cyber_security_assessments
Ken M. Shaurette
ย 
PPTX
People are the biggest risk
Evan Francen
ย 
ODP
CISSP Week 9
jemtallon
ย 
PDF
Connection can help keep your business secure!
Heather Salmons Newswanger
ย 
PPTX
Fortify-Application_Security_Foundation_Training.pptx
VictoriaChavesta
ย 
PPTX
Fortify-Application_Security_Foundation_Training.pptx
YoisRoberthTapiadeLa
ย 
What is an IANS Connector Event? - Factor 1
IANS
ย 
Meraj Ahmad - Information security in a borderless world
nooralmousa
ย 
5 Ways to Reduce 3rd Party Developer Risk
Security Innovation
ย 
Improving Cyber Security Literacy in Boards & Executives
Tripwire
ย 
Automation of Information (Cyber) Security by Joe Hessmiller
Joe Hessmiller
ย 
Reduce Third Party Developer Risks
Kevo Meehan
ย 
New technologies - Amer Haza'a
Fahmi Albaheth
ย 
Does IT Security Matter?
Luke O'Connor
ย 
SBIC Report : Transforming Information Security: Future-Proofing Processes
EMC
ย 
Top 10 IT Security Issues 2011
Redspin, Inc.
ย 
Automation of Information (Cyber) Security
Computer Aid, Inc
ย 
Comprehensive risk management for a cyber secure organization
Joe Hessmiller
ย 
Security Program Guidance and Establishing a Culture of Security
Doug Copley
ย 
Infosec russia cnemeth_v1.2.ppt
Christophe Nรฉmeth (CISSP / CISM)
ย 
Fdic ffiec cyber_security_assessments
Ken M. Shaurette
ย 
People are the biggest risk
Evan Francen
ย 
CISSP Week 9
jemtallon
ย 
Connection can help keep your business secure!
Heather Salmons Newswanger
ย 
Fortify-Application_Security_Foundation_Training.pptx
VictoriaChavesta
ย 
Fortify-Application_Security_Foundation_Training.pptx
YoisRoberthTapiadeLa
ย 

Recently uploaded (20)

PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
ย 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
ย 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
ย 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
ย 
PDF
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
ย 
PPTX
E -tech empowerment technologies PowerPoint
kylebalatero12
ย 
PDF
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
ย 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
ย 
DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
ย 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
ย 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
ย 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
ย 
PPTX
Introduction to Information and Communication Technology
AkmadArzieAyao1
ย 
PDF
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
ย 
PDF
๐Ÿ’ฐ ๐”๐Š๐“๐ˆ ๐Š๐„๐Œ๐„๐๐€๐๐†๐€๐ ๐Š๐ˆ๐๐„๐‘๐Ÿ’๐ƒ ๐‡๐€๐‘๐ˆ ๐ˆ๐๐ˆ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“ ๐Ÿ’ฐ
GRAB
ย 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
ย 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
ย 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
ย 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
ย 
PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
ย 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
ย 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
ย 
SAP Ariba Sourcing PPT for learning material
NKKumar16
ย 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
ย 
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
ย 
E -tech empowerment technologies PowerPoint
kylebalatero12
ย 
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
ย 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
ย 
Unit-3 cyber security network security of internet system
shivangisharma636228
ย 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
ย 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
ย 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
ย 
Introduction to Information and Communication Technology
AkmadArzieAyao1
ย 
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
ย 
๐Ÿ’ฐ ๐”๐Š๐“๐ˆ ๐Š๐„๐Œ๐„๐๐€๐๐†๐€๐ ๐Š๐ˆ๐๐„๐‘๐Ÿ’๐ƒ ๐‡๐€๐‘๐ˆ ๐ˆ๐๐ˆ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“ ๐Ÿ’ฐ
GRAB
ย 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
ย 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
ย 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
ย 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
ย 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
ย 

IANS Connector Event Deck: Factor 3

  • 2. See the Big Picture IANS Connector Events bring together small groups of senior-level information security professionals from a broad spectrum of industries and experiences for facilitated deep-dive discussions of important challenges and solutions in the information security space. Your community is a resource: through intimate peer-to- peer conversations around common issues, solutions, and suggestions for improvement, youโ€™ll gain insight into varying perspectives and develop new ideas to accelerate your problem-solving efforts.
  • 3. How can you embed information security risk assessment into key processes? IANSโ€™ research shows that CISOs and their teams typically donโ€™t have a large role in enterprise risk decisions โ€“ and when information security isnโ€™t involved in decisions early on, the team is often forced to work much harder, but may achieve much less. How can you ensure that security is asked for input when your company deploys new software, commits to new vendors, launches new product initiatives, and considers mergers and acquisitions? At a recent event, we posed the question:
  • 4. โ€œCurrently security is an after thought - it is not incorporated up front in the business process. Security is perceived as a road block in most instances, also development teams seem to think they have security expertise within their group.โ€ โ€œWe have an engagement process but there are other factors in the "way we approve" initiatives that sometimes leaves us in the dark.โ€ Attendees discussed the challenges โ€ฆ โ€œโ€ฆ we have limited Infosec personnel to actively review for risk.โ€
  • 5. โ€ฆ and through that discussion, shared thoughts on how to address the problem. โ€ข Work with executive leaders to gain support for requiring risk evaluations for key projects. โ€ข Establish agreements with Finance and Legal that compel assessment of new vendors before contracts โ€ข If development is done in-house, institute app-level penetration testing, training for developers, and secure coding guidelines.
  • 6. At at Connector Event, you will: โ€ข Gain insight into the challenges and roadblocks you and your peers share. โ€ข Learn about new and unique approaches to common issues and topics โ€ข Take away problem-solving ideas that you can apply in your own organization.