Security and Privacy: A Practical Approach
The world has moved from one where information is centralized and shared on an “as needed’ basis to a restricted group of people to a scenario where information is “everywhere” and decentralized for maximum leverage for customer insights, collaboration, and ‘big data’ analysis. However, our customers, stakeholder, regulatory and legislative contexts continue to expect and demand effective Information Security and Privacy practices. Our presentation is about sharing approaches and war stories from actual experience as a CISO in trying to develop a first line of defense as opposed to expecting InfoSec to do everything and Internal Audit to find all the deficiencies. We will explore a more effective approach to engage the business, establish good internal and external communications, and change our information handling culture to leverage a Sustainable Risk Management approach.