Making security cool (and CFO-friendly) unlocks resources for your IT security

Jill Knesek, Head of Global Security — Professional Services with BT Global Services, talks must-have tactics for winning CFO support and funding for your security essentials.

It’s great to be in with the cool kids; included from the off in everything that’s important. That’s what security has been striving for over the last five to 10 years.

Well now, security is taking its rightful place in boardroom decisions, moving from a primarily technical role to a strong partner in defending the organisation’s bottom line — but there’s still important work to be done to make sure security gets the investment it needs to be of maximum value to the organisation.

Here are the seven essentials you need to win CFO support for your IT security:

  1. Manage your stakeholders
    Use regular meetings to educate, update and draw effective parallels between security issues in the wider business environment and risks on your organisation’s horizon.
  2. Talk risks, not threats
    Throw off the prophesier of doom mantle and use the risk-based model familiar to CFOs to frame your case.
  3. Learn to speak ‘business’
    Break free from security jargon and embrace the language of business in general, and finance in particular, to weave your aims into the fabric of your organisation.
  4. Reach out to business partners
    Build bridges with all areas of your organisation and be collaborative to get security priorities embedded into all business cases.
  5. Change your communication style
    Become the champion of ‘you could do this’ rather than the ‘department of no’ to encourage partners to see security as an enabler, not a preventer.
  6. Align your projects with compliance requirements
    Your CFO operates within a regulatory environment; highlighting how your security activity meets compliance essentials increases CFO buy-in.
  7. Know your business
    Make sure you can encapsulate what your organisation does in a two-minute elevator pitch — understanding your organisation’s fundamentals will help you maximise the value security can bring to your operation.

Click here to read Jill’s full article, published in Security Magazine, June 1st 2012

Jill Knesek

Jill Knesek, Global Practice Head - Advise Assure, BT Global Services, is responsible for BT’s professional services security practice globally, ranging from strategy to portfolio to business capacity and demand planning through to investment, growth and enablement. Previously, she served as Chief Security Officer for BT Global Services. Jill has more than 15 years’ experience directing security programs, including directing security operations for the Cable & Wireless Managed Security Services group. She also served as a Special Agent for the FBI, assigned to the Cyber Crime Squad in the Los Angeles field office, where she was involved in several high-profile cases, including the Kevin Mitnick case. She was also the case agent for the first FBI undercover operation that infiltrated the hacker community. Jill’s credentials include CISSP (Certified Information Systems Security Professional) and CISM (Certified Information Security Manager).
