CSOs say business approach is essential

Share this article:

CSOs need to put business needs first when going about securing their enterprises, a panel of security executives said at the RSA Conference this week.

Microsoft CSO Karen Worstell said security managers need to remember that their job is not all about defense.

"Our number one obligation is to make sure our company does great in business," she said.

People often view security as a tax or a burden, but security executives have an opportunity to show how it can be a business enabler, Worstell added.

Identity management is an area of security where businesses can see a return on investment, noted Oracle CSO Mary Ann Davidson: "There are aspects of security that are actually helping people work more effectively and are not just putting up a barrier."

Lisa "L.J." Johnson, global information security manager at Nike, said it is important that security professionals add business skills to their core technical expertise.

"Working on my business skills was very critical," she said.

An MBA, she added, "gave me a lexicon of business language" to use in speaking with corporate executives. "I could speak their language and build trust with them."

Dennis Devlin, vice president and CSO at the Thomson Corporation, said business is all about risk and that it is important for security managers to "help business executives make intelligent risk decisions."

In security, technology is important but "people and processes are probably becoming even more important," he said.

www.rsa.com

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.