ESRM Security Philosophy: A View from the Top

 


It was great to hear security industry thought leader Brian Allen, Chief Security Officer at Time Warner, and his colleague Rachelle Loyear, Director of Operational Business Continuity Management, discuss Enterprise Security Risk Management (ESRM) at the Spring ASIS International Conference in New York City.

The philosophy of Enterprise Security Risk Management, an integrated model, can address important concerns for private sector entities when it comes to communication and role clarity challenges. This is no small matter. Integration of this process into company culture will help companies, particularly large companies, be more nimble and agile in responding to organizational threats. Allen and Loyear discussed their partnership, and philosophy, in managing through a crisis within their respective roles.

Key takeaways from the discussion:

  1. When managing through a crisis, understand the business issue you are trying to solve (technology, customer, financial).
  2. When an incident occurs, which members of your enterprise team are at the table and what does ongoing, sustained communication look like with business partners? 
  3. Small controllable table-top exercises are a good way to bridge gaps and build a crisis management team. Know the difference between an incident and a crisis. Also, know when to get your Cyber Response Team involved or when to elevate the concern to your Executive Cyber Response Team.
  4. Security awareness programs are needed in all organizations large and small.
  5. Have a “considerations checklist” versus just an execution or incident response plan checklist. Think about the most important considerations for your business when responding to a crisis (cyber, natural disaster, active shooter). This allows more flexibility in responding to an incident in a world where we can’t plan for everything.

Essentially, the security leader’s role in managing a crisis is the same in any crisis management concern. This is a simple statement, with many nuances, when it comes to managing a data or cyber crisis. 

Jessica Robinson is a writer and Founder & CEO of PurePoint International. She has worked with a top 40 company and with the 2015 US Open. As a security & risk management expert and outsourced CSO (Chief Security Officer), she advises and consults with small and medium-sized businesses on cyber prevention and response. Learn more at www.the-purepoint.com.

Inclusion – Powerful in the Workplace or Just More Words


Had a great day at the Spring ASIS International security conference. I have an article published in the current edition of Security Director Magazine (the picture is me pointing to my article)! To read the article, Inclusion – Powerful in the Workplace or Just More Words, in full click here and scroll to page 55. Enjoy other great articles in this security magazine.


Law Firms and Cyber Breaches: Three Things to Know

I was honored and thankful to speak at the ACEDS Conference. It was a wonderful opportunity to learn the deeper security challenges to companies and to share my insights of working with small and medium-sized businesses in bridging the gap between physical & cyber concerns.

What to consider:

1. Almost 80% of data breaches arise from internal staff – train your staff.
2. Law firms have to be part of the cyber solution (i.e., Panama Papers). Know the threat landscape for your industry.
3. How are you collaborating with internal and external partners (IT, Managing Director, computer forensics experts, and other stakeholders)?

Stay tuned for my upcoming article detailing what law firms need to know to prevent breaches.

Four Facts About Women in Tech (and Security)


I was honored to volunteer with a group of high school students and to be on a Microsoft DigiGirlz Panel with incredible women who started their own company from Women In Technology, to leaders at Microsoft & Bloomberg discussing girls and tech with high school students across New York City. It was great to look out and see a sea of young girls interested in careers in tech!

For young women and experienced women, this is both an extremely invigorating, yet nerve-racking place to be when few resemble and look like you. I love having the opportunity of sharing my experience of starting out as a computer science major to now owning my own company. It has been a winding road with twists and turns like many other people I know. Life has been anything but predictable, and I enjoy being part of the movement of men and women to move the needle on these statistics.

Facts:

1. Women make up 40% of the labor force
2. Responsible for $20 trillion of consumer spending
3. Make up 30% of tech roles
4. Women make up 5% of corporate boards