How do you align yourself with the business you are supporting? What value are you creating? These are the questions that every CISO should be thinking on regular basis. In a typical organization, the CEO has a list of business … Continue reading
How to pick the right projects for the next year or the next thing to work on? Recently, this was the major point of discussion in the planning meeting of a non-profit organization. Irrespective of for-profit or non-profit status, all … Continue reading
Few days back, an information security executive asked for help. He has been struggling with demonstrating “tangible business value” of his information security program. We started our dialog about the company business, revenue sources, key issues, competitors and how he … Continue reading
Budget estimates are a major part of SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also helps in making decision about build an internal SOC or using SOC … Continue reading
Information Security is a rapidly changing field as advancements due to disruptive technologies, like SDN, IoT, NFV and others, have direct impact on security management programs. Information Security professionals, in general, are perceived to be slow in adapting to new technologies … Continue reading
Initiatives for Digital Transformation are at front and center of every major corporation to keep their business competitive and relevant. Many technology research organizations are publishing papers about different aspects of digital transformation, which is categorized as a new industrial … Continue reading
Please note that this is an older post An updated MindMap available here. It took some time to update the CISO MindMap but finally it is here. Thanks to all who provided suggestions for this update. A very rapid change … Continue reading
How brain works? can we learn after childhood? What is our mental capacity? What are the myths and what is reality? This article from McKinsey & Company sheds some light on these questions. “Misconceptions about the brain are embedded in … Continue reading
SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis is an industry standard way of analyzing current situation (marketing, business strategy, risk assessment, etc). In many cases, SWOT analysis provides foundation for creating business strategy. Following is a short description of how we … Continue reading
The role of CISO, and other InfoSec professionals, has morphed into a critical business function. One should expect getting involved in “business” discussion often, and at higher levels. Understanding and speaking business language is more important than ever for success … Continue reading