Leadership Solutions

pexels-photo-272980.jpg

Knowledge Corner - Information Protection

Take a sneak peek at our new Knowledge Corner resource pages. We’re working on making SEC resources easier for you to find what you need including resources related to security strategic planning, influencing senior management, risk assessment, leadership strategies and security metrics.

Contact us if you want to know the ways we assist security practitioners.




Tools

   

Information Protection Program: RACI Matrix  This is Security Executive Council material  

Created By: Security Executive Council
For each regulation/guideline relevant to your organization, assign the roles and responsibilities.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
   

Information Protection Program: Risk Assessment and Compliance Checklist  This is Security Executive Council material  

Created By: Security Executive Council
This tool and audit benchmark is designed to assess information security management practices using a framework of 102 security objectives. It is a compilation of common practices from standards (ISO 17799) and audit documentation from exemplary companies.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
   

Information Protection Program: Security Awareness & Training Menu and Facility Management Self-Assessment  This is Security Executive Council material  

Created By: Security Executive Council
A matrix that provides awareness and training options and an example of a self-assessment for managers.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only

Research & Benchmarks

   Not Following Established Policy Tops List of Most Significant Threats to Information Protection This is Security Executive Council material  
Created By: Security Executive Council
An advance release of a summary of research conducted by Kennesaw State University CISE in partnership with the SEC reports that the most significant threat from internal sources was the inability/unwillingness to follow established policy. This was followed by disclosure due to insufficient training.
 
   Security Barometer Results - Personal Electronic Devices in the Workplace This is Security Executive Council material  
Created By: Security Executive Council
This SEC poll found the number of respondents reporting using personal electronic devices in the workplace has increased to 80%.
 
   

Security Executive Council Trend Report: Benefits and Risks of Web 2.0 in the Enterprise This is Security Executive Council material  

Created By: Security Executive Council
Enterprises are adopting Web 2.0 applications in increasing numbers to improve communication and workflow within their businesses and to improve relationships with clients. Businesses employing such applications must be prepared to face the risks that accompany it.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
   Threats to Information Protection This is Security Executive Council material  
An early release summary of "Threats to Information Protection 2015" provides a glimpse into the results of extensive research performed by Kennesaw State University's Center for Information Security Education (CISE) in partnership with the SEC. The summary material briefly covers the top ranked general, internal, and external threats to information protection. The research also investigated trends in staffing, changes in attack patterns and high risk technologies.
 
   Trend Research: Bring Your Own Device (BYOD) To Work This is Security Executive Council material  
Created By: Security Executive Council
This resource was developed based on a Tier 1 Leader and their IT colleague looking at productivity around the topic of BYOD to work (e.g., if I had my own phone or computer (e.g., Apple brand device) I could increase my productivity.) The research was then expanded to include further information on what peer corporations are doing in this area (e.g., pros, cons, must haves, challenges, risks and liabilities).
TIER 1 LEADERS: Log-in to obtain your copy.
OTHER VISITORS: Click the title to order this SEC resource.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only

Presentation Materials

   

Information Protection Program: BoD Presentation  This is Security Executive Council material  

Created By: Security Executive Council
A briefing in PowerPoint of an information protection framework to the Board of Directors.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only

Books/Guidelines/Manuals

   IT Security Response to Misconduct Allegations This is Security Executive Council material  
Created By: John Thompson, Security Executive Council Emeritus Faculty
This guide was written for the security executive to distribute to the person who has never been in the investigative field but is most likely to directly receive reports of misconduct allegations. It is for the business professional who has never been to an introductory investigations course. The series is also useful to the security executive or law department attorney who tasked with training professionals on what to do when they receive an allegation of wrongdoing. This book guides the non-security business professional through the investigative process up to the appropriate time to involve trained investigators.
A Tier 1 Leader item available for purchase. Visit our store.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only
   Information Protection Playbook, 1st Edition This is Security Executive Council material  
Created By: Security Executive Council
The primary goal of the Information Protection Playbook is to serve as a comprehensive resource for information protection (IP) professionals who must provide adequate information security at a reasonable cost. Using the guidelines provided in the Information Protection Playbook, security and information technology (IT) managers will learn how to implement the five functions of an IP framework: governance, program planning, risk management, incident response management, and program administration.
TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource.

     Click here to view a short video describing this resource in more detail.
Resource is for Tier One Leaders only
Resource is for Tier One Leaders only

Forums

   Faculty Advisor: A Holistic Information Protection Program This is Security Executive Council material  
Created By: Greg Kane, Security Executive Council Staff
My organization is about to revamp our information protection program. Can you provide any guidance as to how to make sure it’s holistic and will be embraced by all? Read Security Executive Staff member, Greg Kane's, answer to this question.
 
   Faculty Advisor: Web 2.0 and Business Risks This is Security Executive Council material  
Created By: David A. Meunier, Security Executive Council Content Expert Faculty
What is your perception of the risks of Web 2.0 and what businesses should consider before deploying Web 2.0 applications? Read SEC Faculty member David Meunier’s answer to this question.