Although security professionals have been embedding themselves more and more into the business, there’s still a gap in how they communicate with their board, as well as their business partners.
As technology has continued to proliferate within the enterprise, and developing and maintaining relationships with third-parties has grown, analyzing the processes tied to the various business functions and how those third-parties play a role in the business has become part of the job.
To run the business of security successfully, Edna Conway, chief security officer of Global Value Chain at Cisco, advises security leaders to develop tolerance levels which can then be translated into currency, such as dollars.
“Integrating into our architecture’s operational practices, helps us speak not only the right language for the business but embed security into the people, processes, and tools of the way we operate every day,” she told InfoSec Insider during a video interview shot at the RSA Conference.
In the full video interview below, Conway shares her insight on what infosec leaders can do to ensure that security becomes an active discussion about the way you operate within the business, rather than an added bolt-on feature.