Episode 51
Security *is* Business!
It's been a minute, but we are back with another Great Security Debate!
Whether it is compliance, trust, or questionnaires, we all sell something to someone, and security is core to that process.
In this episode, the focus is on how security integrates into the core of each of our businesses or organisations. From being part of strategic planning, to the reminder that perfect is the enemy of progress, to the power in being a first mover on security and privacy topics:
- Compliance vs security: Is it pro forma? Do you check the SOC2 (and other) reports you get from your suppliers?
- You're not a special snowflake: Why won't more orgs use standard questionnaires on supplier assessments?
- There are multiple ways to solve a problem, and context is key. The process and environment may mean you don't need a technology control or a specific (prescribed) technology control.
- "The business" is a term that should never be uttered again by security or technology practitioners and leaders.
- There is power and business value in governance and transparency in security and privacy; build trust in your brand.
- We need to move our programs a layer above the specific people. Risk is reduced by living at the process layer. Heroics are not scalable.
- How can preparing for a triathlon be used to describe adherence to targets that lead to good security (and the brand value that comes with it)?
Remember that you can't be "SOC2 Certified." And PFMEA is not always the answer to every question. Or is it?
We also have a video channel on YouTube that airs the "with pictures" edition of the podcast. Please head to https://youtube.com/@greatsecuritydebate and watch, subscribe and "like" the episodes.
Some of the links in the show notes contain affiliate links that may earn a commission should you choose to make a purchase using these links. Using these links supports The Great Security Debate, so we appreciate it when you use them. We do not make our recommendations based on the availability or benefits of these affiliate links.
Thanks for listening!