Getting Your Security Budget Approved Without FUD


Published on March 11, 2014

Author: denimgroup

Source: slideshare.net

Description

Getting a security budget approved is a challenge, but it is arguably the single most important task a security leader can accomplish. This session reveals the six common factors that successful CISOs use to quantify needs and justify security budget with non-technical executive leaders. Research and data gleaned from over 40 interviews with high-profile CISOs provide some interesting results.

Getting Your Security Budget Approved Without FUD
SESSION ID: CISO-W04A
John B. Dickson, CISSP
Principal, Denim Group
@johnbdickson

#RSAC
Why Is Selling Fear So Compelling?
- Is it like selling insurance?
- The security industry is struggling for parallel models and metaphors
- FUD Distorts the Process

Security Leaders Are at A Structural Disadvantage
[Org chart: CEO, CFO, CIO, VP Development, Development, CISO]
- They have a staff advisory role and not a “line” operator role
- They have different world views that drive their perspective
- They talk differently
- They have less power

The Key Principles of Selling Security
1) Exploit Pet Projects
2) Account for Culture
3) Tailor to Your Specific Vertical
4) Consciously Cultivate Credibility & Relationships
5) Capitalize on Timely Events
6) Capture Successes & Over-Communicate

1) Exploit Pet Projects
Always bundle security into CAPEX or other critical projects as defined by the CEO

2) Account for Business Environment
Radically adapt your “Request for Resources” to your organization’s culture and risk appetite

3) Tailor to Your Specific Vertical
Tailor security requests to your specific vertical, sub-vertical, & sub-sub-vertical

4) Capitalize on Timely Events
Use near-death experiences of others to justify security spend
“You never let a serious crisis go to waste. And what I mean by that it's an opportunity to do things you think you could not do before.” - Rahm Emanuel

5) Consciously Cultivate Credibility & Relationships
Credibility and relationships must be established prior to “Making A Security Ask”

6) Capture Successes & Over-Communicate
Document security wins and communicate these successes so they become the new operating norm

Conclusion
Successful security leaders exhibit certain consistent approaches to get their security budgets approved – without using FUD!
1) Exploit Pet Projects
2) Account for Culture
3) Tailor to Your Specific Vertical
4) Consciously Cultivate Credibility & Relationships
5) Capitalize on Timely Events
6) Capture Successes & Over-Communicate

Q&A
John B. Dickson, CISSP
john@denimgroup.com
@johnbdickson
