Archive for April, 2010

Tips to approve Security Business Projects – James Anderson at RSA 2010

At RSA 2010 James Anderson, Executive security consultant at Emagined Security, gives me insight into his session: Security Business cases – Fact and fiction in selling security.  More specifically, we talk about the following:

  • Steps to walk through in creating a security business case to get approval for your security project and hard versus soft benefits
  • [3:43] Tips on creating the business case
  • [5:43] Key flaws in logic when people present their business case
  • Where security risk analysis plays a good role to build your case
  • [9:14] Examples of where security can be tied to revenue
  • [12:28] Examples of security adding value which don’t fall directly into the hard or soft benefit categories
  • [15:35] Recommended resources for learning more on these topic areas and where he would like to see the industry go.  How you can tell a CISO is good.
Categories: Uncategorized Tags: