Information Security Programs: Defining And Managing To Operational Success



On the surface, an information security program may appear to be what its name suggests: a single program. In reality, countless elements (sub-programs and adjacent programs, if you will) make up a comprehensive information security program.

In this conversation, we explore the overarching program, of course, including:
- Who owns the program
- How to secure funding for the program
- How to define and measure success
- How to communicate progress, accomplishments, failures, and challenges
- Common best practices for a program

But we will also look at all (or as many as we can) of the sub-programs or adjacent programs that support the main InfoSec program: things like network security, DevSecOps, risk management, data protection, regulatory compliance, and incident response, just to name a few.

Join us for this conversation and bring your questions about how best to plan, prioritize, budget, staff, and implement a successful information security program.

It's time to explore reality.

____________________________

Guests
Mari Galloway
CEO and a founding board member for the Women's Society of Cyberjutsu (WSC) [@womenCyberjutsu]
On LinkedIn | https://www.linkedin.com/in/themarigalloway/
On Twitter | https://twitter.com/marigalloway

James Leslie
CIO at Cambridge Housing Authority [@CambHousing]
On LinkedIn | https://www.linkedin.com/in/jameseleslie/
Cambridge Housing Authority | https://www.cambridge-housing.org

____________________________

This Episode’s Sponsors

HITRUST: