1. Session ID:
Session Classification:
Caroline Wong, CISSP
Symantec
STU-W27B
Intermediate
SECURITY SMARTSFORTHE SELF-GUIDED
IT PROFESSIONAL

2. Presenter Logo
► Advice from my first manager
►

3. Presenter Logo
►
►
►
►
►
►
► Can you deliver on these statements?

4. Presenter Logo
► The job of the defender is to protect against an infinite
number of attacks. However, a defender will always have a
limited amount of resources with which to do this. The real
job of the security practitioner is to prioritize remediation
efforts by risk, so that the limited resources can be focused
on addressing the greatest risks to the business.
Visibility & Decision-making

5. Security HowTo: Defining
Objectives

6. Presenter Logo
►
► Compliance
► Highest Risk
► Business Enabling Security Practices
►
► Process Improvement
► Technology Improvement
► Audit Findings
►
► What Needs to Be Discussed
►
► Technology Evaluations
► Cloud Provider Metrics and Evaluations
Define Objectives

7. Security HowTo:
DefineYour Priorities

8. Presenter Logo
► Why is it important?
► Factors to consider
► Compliance
► Risk Reduction
► Threat Analysis
► Alignment with Top Business Objectives
DefineYour Priorities

9. Security HowTo:
Key Messages for Key
Audiences

10. Presenter Logo
► Why Stakeholder Engagement is Important
► Preparing for a Buy-In Discussion
► Meeting, Explaining, Asking, Documenting
► Examples
► CEO
► CFO
► BU Leader
Key Messages and Key Audiences

11. Presenter Logo
► Join industry communities and groups
Resources