Episode 199 - Building a Security Strategy - Part II

Episode 199 - Building A Security Strategy - Part II

  1. Recap
    1. Strategy vs Policy
    2. Understand the business of your Business
    3. Know who your stakeholders really are
    4. Capability = (Tech + Service) * Process
    5. Crawl, Walk, Run
    6. It Takes A Village
  2. The Question is “How do I make one?”
    1. Almost no business is in the business of information security
    2. Follow The Money
    3. Understand The Decisioning Process
    4. “Culture Eats Strategy For Breakfast”
    5. Vocabulary Matters
  3. Understand the Business of Your Business
    1. Know the Formal and Informal Org Charts
    2. Influencers are as important as Deciders
    3. Beware the Spoiler
    4. “Culture Eats Strategy For Breakfast”
    5. Don’t Give a Vote or Veto Unnecessarily
  4. Know Who Your Stakeholders Really Are
    1. We will keep discussing this.
    2. Underestimating the power of culture WILL result in your plan faling
    3. That’s a majority of the reason that Strategy Is Hard
  5. Culture Is The Key