Have you ever joined a security organization after it lost credibility within the business (for instance, after a major breach)? What did you do to build it back up?

Security & GRCInternal CXO RelationshipsSecurity Strategy & Roadmap
2.9k views1 Upvote4 Comments
Senior Director Engineering in Travel and Hospitality, 10,001+ employees
Not a security organization, but in the past I have joined a place which had lost its reputation due to other reasons. Its almost like building it back from scratch, like any startup would. Take small steps in building trust, and ensure you pay high level attention to customer retention. If you are truthful and open, people will gain back trust.
CIO in Government, 1,001 - 5,000 employees
I myself have not been involved with an organization that has had a major security problem. Helped an organization with a security (ransomware) problem. Most important was solving first. Provide the right information to the public and, after recovery, communicate openly and transparently about the attack, the steps taken and the approach to recovery. Of course within the standards of security and privacy. This restored confidence in the organization and normal services were quickly restored.
1
Senior Information Security Manager in Software, 501 - 1,000 employees
Not directly.

But some years ago I was involved with the ISSA Generally Accepted Information Security Principles (GAISP)  project.
Since it was 100% volunteer-based and had no real leadership, it just sort of petered out.
1
Head IT - Infrastructure, Ops & Applications at Dhani, Indiabulls Group in IT Services, 5,001 - 10,000 employees
Yes, I built multiple cloud strategies and started using Google cloud storage for archival and backup for all 4 verticals - Nearline, Coldline, Archive, standard
1

Content you might like

Generally speaking, are you feeling optimistic about the state of DEI in cyber? Interested in hearing your reasons in the comments.

Security & GRCTalent Sourcing & HiringCulture & Values

Yes – very optimistic!33%

Yes – mildly optimistic.53%

No8%

I’m not sure6%


187 PARTICIPANTS
450 views1 Upvote

How would you describe the maturity of the risk management program at your organization currently?

Security & GRCRisk ManagementThreat Intelligence & Incident Response

Early Stages - the security activities haven't been planned/deployed yet.15%

Middle stage - we've planned security activities, but we've only partially deployed them.60%

Late-middle stage - we've deployed the majority of our security activities and it's keeping up with threats.19%

Mature stage - all security activities are deployed and are proactively detecting threats.4%


610 PARTICIPANTS
2.1k views1 Upvote

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
42.2k views131 Upvotes319 Comments

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRCThreat & Vulnerability Management
Read More Comments
3.1k views5 Upvotes5 Comments

What's your initial reaction to Cisco acquiring Splunk?

Applications & PlatformsSecurity Strategy & RoadmapIT Strategy & Roadmap
1.2k views1 Upvote1 Comment