By Jill Knesek, Chief Security Officer, BT Global Services
There aren’t many times I check in on the trade publications and see an article that really hits on the issues faced by the C-level audience in the security sector. Frankly, we’re an unusual bunch, with very specific interests, issues, and concerns. But recently, I saw an article by Ernie Hayden at searchsecurity.com that got to the heart of some of the compliance issues that I know I face and I’m sure you grapple with, too.
Approaching compliance from the standpoint of managing processes, Hayden outlines five key propositions that can help guide decision-making and that apply equally to PCI and to NERC. His top picks are:
- Your fundamental obligation to the company is to protect data and prevent loss
- You should know the ins and outs of the regulations your organization is held to
- View training and awareness as key components of your compliance strategy
- Understand the root cause of any issues related to compliance
- The organization should be kept under constant pressure to be in compliance
To read Hayden’s entire article, “How to manage compliance as Chief Information Security Officer (CISO),” click here.
And if you’re a C-level or senior security officer in the Chicago area and would like to continue this conversation over dinner, I’ll be hosting a BT Security Roundtable in Chicago on July 28. To learn more about the dinner, please contact our Chicago-area managed security solutions specialist, Kurt Luporini.
