Editor and co-founder at Techworld IDG As an expert in cyber security, how do you prioritize patching in a multi-layered approach to data safety?
Shutterstock While I was chief security officer CSO in Michigan, the most impactful way our centralized security team communicated with executives was with regular security roadshows with client agencies.
Important information was exchanged during these annual sessions in front of top business leaders, including physical- and cyberthreat briefings, key project status updates, discussions on security capabilities, conversations on staff awareness training programs, and ongoing incident status reports.
While we packed a lot of topics into an hour, our format encouraged an open dialog with everyone involved to build face-to-face transparency, accountability and trust.
But before we traveled around to meet with government leaders in each department such as state police, transportation, treasury and more, we started each governmentwide cybertour with the governor. These meetings were important because they brought our security project scorecard to life with statewide metrics and agency-specific actions.
They enabled ongoing conversations regarding cybersecurity risks and outlined the steps that were being taken or could be taken to mitigate threats.
So how can you begin this security conversation with business areas in your government? Here are five communication tips to consider: Decide who should be involved, what topics and materials will be covered, when to put these meetings on busy calendars, where you will meet, and how you will run the meetings.
As CSO, I let the business areas select their executive participants, and some groups kept it small, while others invited up to 30 agency leaders.
Select Good Metrics and Keep Reporting. Just as businesses maintain key metrics of success, offer measurements that are understandable and repeatable as part of the ongoing security conversation.
Adapt to the Audience. While a consistent, updated enterprise presentation was offered every year on our roadshow, we also adjusted our messages to each audience.
Flexibility is especially needed when meeting with new agency leaders who need to bone up on security concepts. Security roadshows should be a part of a wider set of ways you communicate with business groups. Channels can range from newsletters to emails to tabletop exercises to emergency call lists for incidents.
We also invited our government partners to our cybersummits and scheduled one-on-one lunches. Nevertheless, ongoing security roadshows were a vital component of our overall cyberstrategy.
Leverage Existing Governance Mechanisms. He also uses the same briefings for cabinet meetings, legislative committees and updating other government entities that have an ongoing role. Start small with key business areas. Having a strong endorsement from top elected officials is great, but sadly is not always the case.
Remember, the top complaint in most public- and private-sector organizations is a lack of good communication on key issues, including cybersecurity. Dan Lohrmann Contributing Writer Building effective virtual government requires new ideas, innovative thinking and hard work.Measuring the success of cyber is and will for the foreseeable future be fickle, as it is dynamic and success can be achieved by both luck and judgment.
SANS cyber security training is an essential element in the development of individuals and teams that are prepared to protect governmental, military, and commercial institutions from cyberattacks..
The SANS Institute is the most trusted, and by far the largest, provider of training, certification, and research to cyber security professionals globally. The Schools That Teach tour was created by Governor Tom Wolf to celebrate the incredible teaching and learning taking place in Pennsylvania classrooms every day.
Cyber education key to security We are extending the scope of cyber education beyond the federal workplace through the National Initiative for Cybersecurity Education to include the public, as.
Four Essential Principles for Education Success Four Essential Principles for Education Success. This is not to say that education is not critical for success.
In fact, it often is the key. With a rise in cybercrime effecting the government, organizations and individuals — a cyber security degree could be the key to opportunities that allow you to do your part in helping keep data and information safe from hackers.
XPG GAMMIX D10 modules are designed for gamers and PC enthusiasts with support for all motherboards compatible with Pin DDR4 memory. XPG GAMMIX D10 can be easily installed with limited space due to an efficient low-profile design. With a rise in cybercrime effecting the government, organizations and individuals — a cyber security degree could be the key to opportunities that allow you to do your part in helping keep data and information safe from hackers. 5 Ways to Initiate Communication about Cybersecurity Well-planned cybersecurity roadshows can help get agencies on board and up to speed. by Dan Lohrmann / January/February