Irrespective of the thinking and deciding levels, cybersecurity decision-makers need to draw adequate security governance conclusions from available information that could even be insufficiently premised. On this note, what are the skillsets central to this art of drawing sufficient conclusions to protect vital infrastructure from insufficient premises?
Thinking could either be automatic or controlled. When intuitive, then technology makes a perpetual sense of the proliferation results. Therefore, the evolutionary view is that at the end of processing data, the information could centre on the looped outcome!
Dear Ojo Ademola,
The following info should help:
https://www.code42.com/resources/infographics/six-unusual-data-behaviors-that-indicate-insider-threat?utm_content=unusual%20data%20behaviors%20infographic&utm_source=google&utm_medium=cpc&utm_campaign=ENT_Data%20Security%20-%20Enterprise%20-%20Search%20%7C%20cpg-evergreen&utm_term=data%20security%20policy&_bt=545544141724&_bk=data%20security%20policy&_bm=b&_bn=g&_bg=122302240505&gclid=CjwKCAiAprGRBhBgEiwANJEY7PbBkAdmSEdXpdy75owaC7v9vGTTo4YRemIMMLNZsttJ33cpBI1PMxoCqoAQAvD_BwE
https://get.altr.com/resource/ebook-5-steps-to-secure-cloud-data-governance/?utm_source=paid&utm_medium=ppc&utm_campaign=security&gclid=CjwKCAiAprGRBhBgEiwANJEY7DHWAdc368kcW2wOa4q8x_qkmYLPfPvellgXjGSGSBE5qD_fzZ0BYBoC7yoQAvD_BwE
Dear Ojo Ademola,
Some additional sources could be of interest as well:
https://www.immersivelabs.com/three-steps-to-ultimate-cyber-resilience-google-ads/?utm_term=cyber%20security%20framework&utm_campaign=New++General&utm_source=adwords&utm_medium=ppc&hsa_tgt=kwd-12840341261&hsa_grp=105350185859&hsa_src=g&hsa_net=adwords&hsa_mt=b&hsa_ver=3&hsa_ad=583717165626&hsa_acc=8650122646&hsa_kw=cyber%20security%20framework&hsa_cam=10637928472&gclid=CjwKCAiAprGRBhBgEiwANJEY7LOiBWaDgp3UMKIK8Du3G0STd63CzLLqZkPKjp7UF34DZjHbTvPrLxoC6YkQAvD_BwE
https://www.box.com/resources/dm/5-steps-to-good-governance/data-governance?utm_source=Google&utm_medium=SEM&utm_campaign=dm-google-sem-na-eng-governance&utm_keyword=data%20governance&id=7010e000001PaEVAA0&utm_content=555309179753|kwd-570793108|c&gclid=CjwKCAiAprGRBhBgEiwANJEY7Lcb9AlVuHwwW8ev8B7X3zGs0k4XHb9EATkBGYewtgdK8GkXGBw6shoCZ4wQAvD_BwE
https://www.sciencedirect.com/science/article/pii/S0963868717304353
Dear Ademola,
A very intriguing question, and one that not too many professionals ask.
My professional view below:
(a) At the core, technology security is a risk mitigation construct for technology related business/organisation/personal risks; and
(b) Technology exists to enable value creation.
Therefore, essential skill-set for security decisions must include, amongst many others,:
(1) ability to manage risk at a strategic level for the achievement of strategic goals and objectives;
(2) ability to help protect created value through appropriate application of security controls; and
(3) ability to understand changes in environmental dynamics, especially, emerging threats that may become impactful and being able to implement protective controls to avoid value erosion.
A few references below:
Creating Business Value through Effective Risk Management – Gabriel Akindeju, Dec 2020 [https://www.linkedin.com/posts/gakindeju_creating-value-through-risk-optimisation-activity-6743247860118249472-ziHc]
Risk Ownership & Accountability Definition - using SABSA Domain Architecture Concepts – Part 1 – Gabriel Akindeju, July 2020 [https://www.linkedin.com/posts/gakindeju_risk-ownership-definition-with-sabsa-domain-activity-6694849664220569600-Q5sB]
Information Security Governance and Management – Gabriel Akindeju, Feb 2015 [https://www.risksconsult.com/blog/2015/02/26/174/]
Risk Logic Map – Optimizing Risk Management Investments – Gabriel Akindeju, Jan 2022 [https://lnkd.in/g_zgqSZc]
Security Competitive Advantage – Gabriel Akindeju, Jan 2015 [https://www.risksconsult.com/blog/2015/01/29/security-competitive-advantage/]
Investment Logic Mapping - [https://www.treasury.govt.nz/information-and-services/state-sector-leadership/investment-management/better-business-cases-bbc/bbc-methods-and-tools/investment-logic-mapping]
iSMG Virtual CyberSecurity Summit: ANZ Strategic Value Risk Model (SVRM), Gabriel Akindeju, Feb 2022 [http://www.risksconsult.com/wp-content/uploads/2022/02/ISMG-Presentation-deck-ANZ-2022.pdf]
https://www.risksconsult.com/wp-content/uploads/2022/02/Corinium-Zero-Trust-Presentation-deck-ANZ-2022.pdf
Many thanks, Gabriel.
Optimising security solutions could exist simultaneous along with both controlled and automatic. However, because of diverse mitigating circumstances, solutions could engage with automating optimisation to add value strategically.
- Badges
- Science topic