June 06, 2008 — As publisher of CSO I have the great honor of meeting a great many very smart people. This is a good thing because it certainly helps compensate for my gaps in knowledge. The month of March this year was an exceptional one in particular.
During March I had the good fortune to spend some time at one of our annual events, the 2008 CSO Perspectives conference, and was again amazed by the depth of knowledge, experience and insight that is displayed by those in the security profession. This year's conference was themed "Becoming the Complete CSO." From those of you who attended and whom I had a chance to speak with, there was universal praise. Not just for the content and speakers (which were great) but also for the recognition that CSOs are rising to ever-greater heights within their organizations and that sometimes, at those elevations, an individual's focus must shift from tactical to strategic.
The week prior to CSO Perspectives I was at my good friend Robert Rodriguez's IT Security Entrepreneurs' Forum (ITSEF) at Stanford University. Funded by the Department of Homeland Security and the Kauffman Foundation, the ITSEF focuses on bringing together early-stage security businesses, the federal government and the venture capital community to make sure that important technologies that address critical security issues don't fall by the wayside before they can be fully commercialized. In this fast-growing but increasingly consolidating industry, the danger of critical-technology obscurity should be of concern to all security professionals. As with CSO Perspectives, this was another occasion for me to rub elbows with some very smart people in this business and to learn from them.
So what did I learn this month? First, that security is the responsibilityÂÂÂ of everybody—from the janitor to the CEO. Without a culture of security, an organization will always be vulnerable. Second, that security is not just about the technology. CSOs walk a fine line between security and business and must constantly strike a balance between the two. CSOs must understand the issues of both sides and act as a liaison between the folks from the business side and those from the security side—both are critical to selling the value of security. Finally, despite what you may hear, there are a lot of CSOs doing the first two very, very well. My advice to those CSOs who struggle with the balance of tactical and strategic responsibilities? To those who find it difficult to integrate security and business objectives? To those who struggle to sell the value of security in their organizations? Find your peers and learn from them.
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
Maximizing Site Visitor Trust Using Extended Validation SSL
Now with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.
- The Latest Advancements in SSL Technology
- Maximizing Site Visitor Trust Using Extended Validation SSL
- How to Offer the Strongest SSL Encryption
- Solving Online Credit Fraud Using Device Reputation
- Forrester Reports 321% ROI Through Device-Based Fraud Management
- Enterprise Management Associates: Taking the Botnet Threat Seriously
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
7th Annual Digital ID World
-
September 8 - 10, 2008Hilton AnaheimRegister now »
Anaheim, California
(ISC)2 members can earn up to 20 CPE Credits
Reference priority code ONLINE and save $800 off the full registration price — attend the program for $995
