The document emphasizes the importance of viewing security as a business enabler rather than a hindrance, advocating for a mindset shift towards being creative 'yes' people in addressing risks. It highlights the significance of trust, brand, and reputation, urging organizations to own their security programs and manage risks effectively rather than focusing solely on compliance. Additionally, it outlines that security is a collaborative ecosystem across companies and addresses considerations for evolving technologies like cloud and BYOD.

1. Do Security
like a start up or
get FIRED

2. mentality
Start up
2 © 2012 NetIQ Corporation. All rights reserved.

3. Trust,
Brand, Reputation
3 © 2012 NetIQ Corporation. All rights reserved.

4. “We protect our company’s brand - and
our Security & Risk program allows our
company to pursue new business
opportunities safely.”
Laura Koetzle, Forrester Research
4 © 2012 NetIQ Corporation. All rights reserved.

5. IT security says…
5 © 2012 NetIQ Corporation. All rights reserved.

6. Be seen as a business enabler instead of
a support function that always gets in the
way. Evolve from “no” people to
creative “yes” people, while knowing
that risk is the variable in the security and
usability equation
6 © 2012 NetIQ Corporation. All rights reserved.

7. Do or do not.
There is no try
7 © 2012 NetIQ Corporation. All rights reserved.

8. Do or do not.
There is no try
8 © 2012 NetIQ Corporation. All rights reserved.

9. Share with competitors
9 © 2012 NetIQ Corporation. All rights reserved.

10. Manage risk appropriately
Not compliance
10 © 2012 NetIQ Corporation. All rights reserved.

11. Own your security
11 © 2012 NetIQ Corporation. All rights reserved.

12. 12 © 2012 NetIQ Corporation. All rights reserved.

13. Rugged software
• I recognise that my code will be used in ways I cannot
anticipate, in ways it was not designed, and for longer
than it was ever intended.
• I recognise that my code will be attacked by talented
and persistent adversaries who threaten our physical,
economic, and national security.
13 © 2012 NetIQ Corporation. All rights reserved.

14. “Better to have someone who is good than
someone who is a specialist”
14 © 2012 NetIQ Corporation. All rights reserved.

15. 15 © 2012 NetIQ Corporation. All rights reserved.

16. 16 © 2012 NetIQ Corporation. All rights reserved.

17. Standards, APIs
17 © 2012 NetIQ Corporation. All rights reserved.

18. Key points
• Trust, brand, reputation.
• Evolve from “no” people to creative “yes” people.
• Do or do not. There is no try.
• Security is an ecosystem across companies.
• Manage risk appropriately, not compliance.
• Own your security programme.
• Evolving teams.
• Identity = reputation, relationships, activity, actionable
intelligence.
• Cloud & BYOD is just IT.
• Standards & APIs.
18 © 2012 NetIQ Corporation. All rights reserved.

20. This document could include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be incorporated in new
editions of this document. NetIQ Corporation may make improvements in or changes to the
software described in this document at any time.
Copyright © 2012 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the
cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration
Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy
Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit,
PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite,
Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ
Corporation or its subsidiaries in the United States and other countries.