Connector Events are small group discussions organized by IANS that bring together senior information security professionals to discuss challenges and solutions. The discussions provide a forum for peer-to-peer conversations around common issues. Attendees can gain different perspectives and new ideas to help solve problems in their own organizations. One recent event discussed how to better embed information security into key business processes like software development and vendor selection, as research found most CISOs are still in the early stages of integration. Attendees shared challenges like limited security resources to review everything and potential solutions such as communicating security's business impact and establishing agreements to assess vendors before contracts.

1. Connector Events

2. See the Big Picture
IANS Connector Events bring together small groups of
senior-level information security professionals from a
broad spectrum of industries and experiences for
facilitated deep-dive discussions of important challenges
and solutions in the information security space.
Your community is a resource: through intimate peer-to-
peer conversations around common issues, solutions, and
suggestions for improvement, you’ll gain insight into
varying perspectives and develop new ideas to accelerate
your problem-solving efforts.

3. How can you embed information security
into key business processes?
IANS’ research shows that 72% CISOs are still in the
very early stages of integrating information security
criteria into the day-to-day processes of their
organization. What steps can you take to weave
information security into the fabric of processes like
software development and vendor selection?
At a recent event, we posed the question:

4. “Currently security is an after thought -
it is not incorporated up front in the
business process. Security is perceived
as a road block in most instances, also
development teams seem to think
they have security expertise within
their group.” “We have an engagement
process but there are
other factors in the "way
we approve" initiatives
that sometimes leaves us
in the dark.”
Attendees discussed the challenges …
“… we have limited
Infosec personnel to
actively review for
risk.”

5. … and through that discussion, shared
thoughts on how to address the problem.
• Communicate the tangible input that security can have
in high-level business decisions like M&As
• Establish agreements with Finance and Legal that
compel assessment of new vendors before contracts are
signed
• Learn how to win the agreement of key stakeholders -
like the VP of App Dev, for example - to weave
information security criteria and implement verification
steps like code testing into processes like the SDLC.

6. At a Connector
Event, you will:
• Gain insight into the challenges and roadblocks
you and your peers share.
• Learn about new and unique approaches to
common issues and topics
• Take away problem-solving ideas that you can
apply in your own organization.