How To Sell That Information Security Program To Management

SOUTHFIELD – To have a successful information security program, you must first visualize the successful program. The first person you must sell, before your boss, is yourself. The April 16 meeting of the Motor City Chapter of ISSA look at ways to sell that message.

The session also will discuss establishing a short-term goal, achieving it, reviewing the results, and setting the next objective. Also to be examined is how to use short-term objectives to develop a long-term plan and how to adjust the plan after each incremental objective is met. Most importantly, the session will examine to best reach management and employees with the message.

Leading the session will be Thomas R. Peltier, President, Thomas R. Peltier Associates, LLC. He has been an information security professional for almost 30 years. During this time he has shared his experiences with follow professionals and because of his work has been given the 1993 Computer Security Institute’s (CSI) Lifetime Achievement Award. In 1999 the Information Systems Security Association (ISSA) bestowed its Individual Contribution to the Profession Award and in 2001 he was inducted into the ISSA Hall of Fame. Tom was also awarded the CSI Lifetime Emeritus Membership Award.

Over the past decade, Tom has averaged four articles published a year on various computer and information security issues, including developing policies and procedures, disaster recovery planning, copyright compliance, virus management and security controls. He has had a number of books published: Policies, Standards, Guidelines and Procedures: Information Security Risk Analysis (2 editions): Information System Security Policies and Procedures: A Practitioners’ Reference (2 editions); The Complete Manual of Policies and Procedures for Data Security and is the co-editor and contributing author The Total CISSP Exam Prep; and a contributing author for the Computer Security Handbook, Third and Fifth Edition and Data Security Management. Tom and his son Justin have co-authored How to Manage a Network Vulnerability Assessment and Information Security Fundamentals.

Presentation Summary:

A new edition of Tom’s popular book How to Complete a Risk Assessment in 5 Days or Less has recently been published. It contains numerous case studies and diagrams that demonstrate how to apply risk management skills and provides the processes that organizations can easily employ to assess risk. This step-by-step guide includes more than 350 pages of user-friendly checklists, forms, questionnaires, and sample assessments and presents examples of all risk management components which can be used in any area of any business.

Please RSVP by April 13 to email [email protected]

Location:

Cisco Systems, Southfield Office,

2000 Tower – Suite 450, 4th floor,

Southfield Town Center,

Southfield

Date:

Thursday, April 16

Time:

6 pm

Topic:

Selling Information Security

a>>