Saturday, January 18, 2014

Wednesday, December 11, 2013

4 Ways to Sell Security Expenses to Business Executives

image from: corporatementors.in
One of the most challenging parts of being a security administrator is asking for more money, especially when it appears as though everything is working fine. The old adage comes to mind, "If it's not broken, don't fix it."

Unfortunately, this philosophy can be disastrous in the security world. New technology acquisition is often much easier for the CIO than for the CISO for one simple reason: business executives like new, shiny toys. They don't however, like to invest in technology that they are unable to see and play with.

For this reason, you must always address new security capability procurements in business terms that executive management understands. In other words, you have to show them the money. The following are 4 ways of getting business minded people to see the benefit of making security expenses that they do not fully understand.

1. Create a "What If" Scenario: This suggestion is often the easiest, especially since the most of the associated research is has already been performed if you are an active and aware security professional. Compile a list of the most recent vulnerabilities and exploits, whether they pertain to your organization or not. Then, take the data from your business continuity and disaster recovery plans (hopefully they are up to date and accurate) to calculate the amount of money lost each day when information and information assets are not available. Many times this kind of scare is enough to continue the conversation.

2. Capitalize on Competition: Business executives are always trying to compare their business with similar organizations because they do not want to be driven out of the market. On that same note, they often enjoy a good story about their competition's shortfalls. Find some similar organizations around the world that have suffered from security incidents, especially those that have lost a considerable amount of money. When you give this presentation and provide a solution, it can easily be seen as a win/win. Not only does it look like you are a better security professional than what the "other guys" have because it did not happen to your organization, but it also gives the executives an opportunity to make a decision that will give them a leg up on other members of the industry. Business people like to think that their company is an industry leader. All you have to do is give them an opportunity.

To put a cherry on top, it might be a good idea to reference the same profit loss data as in the previous suggestion when comparing against the competition.

3. Do Your Research: Nothing turns business people off more than speaking with someone who has no business sense. If you are unable to show a positive return on investment (ROI) for the procurement, they can feel like you have wasted their time. For this, make sure that you don't just research solution capabilities, but also the associated costs. Another tip is to only suggest solutions that fulfill the current need, along with projected organizational growth and near-term future requirements. It is fine to go up a size or two when buying a winter coat for your child, but it might be a waste of money to splurge on an adult large that they will never grow into.

Make sure you do research and find the best return on investment

4. Role Identification: When all else fails and you are sure you are absolutely right, it might be a good idea to remind your executives that ultimately they are the information owners. You are doing your job by identifying the problems and presenting solutions, but it is their responsibility to approve or disapprove the security measures. It is also their responsibility to protect their information. If a security incident occurs that would have been avoided if they chose to approve your suggested investments, it won't be your picture on the front page of the newspaper.

This is a bold step, but it has the possibility getting your recommendation funded AND changing the way they look at the security of their organization's information.

These 4 ways to sell security expenses to business executives could help you make your organization more secure, avoid security incidents, and ultimately keep your job. If you have any suggestions or additional tips for performing this task, please let me know in the comments section down below and I might add them to the list.

Read, Love, Comment, Share!

Sunday, November 10, 2013

20 Thoughts of an American Who Cares



1. I think hard work and responsibility should be rewarded.

2. I think that there should be fewer programs for helping people without insurance, jobs, or homes because more likely than not it was their own poor life choices that put them in whatever situation they are in to begin with.

Rob Davies, http://www.redbubble.com
3. I think that if we eliminated or suspended these programs, it would force members of the next generation to make better decisions and plans for their lives.

4. I think the biggest problem in our country is not our government, but our national culture.

5. I think the jealousy that many lower and middle class Americans have for the “Rich” is absurd and discourages ambition.

6. I am not a Republican.

7. I am not a Democrat.

8. I think the two party system of government in our country causes much more harm than any one person ever could.

9. I want to see political candidates who are options because of their leadership abilities, not simply because their party thinks they are most likely to win.

10. I could certainly be wrong, and I welcome that possibility with the hope that whoever is right will succeed.

11. I think social programs should exist, but only after our culture has changed for the better. Otherwise, they will continue to be abused.

12. I think all government benefits should require voter registration, if not also participation.

13. I want change that works and I think that involves a swift kick in the rear for most Americans.

14. I think it is sad that many Americans don’t understand how percentages work when it comes to taxes.

15. I think “facts” I learn on TV are spin until proven to be truth through actual research.

16. I don’t tell my kids that everything will be okay because that won’t be the case if they make poor choices.

17. I don’t like that I am supposed to feel empowered by the fact that I went to public school and my parents didn’t pay for my education, yet my kids will likely be criticized for “having better opportunities”. Whatever happened to creating your own opportunities, like I was forced to do?

18. I am hopeful for my children’s future because I focus on teaching them how to be good, hardworking people. They will automatically have a leg up on their peers.

19. I am not raising good kids. I am creating responsible, successful adults who (with any luck) will care about their community, their country, their children, and the future enough to stay informed.
 
20. I am afraid that there aren’t many other Americans like me.

Thursday, October 10, 2013

Congressional Lesson: Case for a Third Party


image from politico.com

During the last presidential election, I tried to spread a single point across my personal social circle as well as social media. Everyone seemed to be focused on reelecting President Obama or Governor Romney, but almost nobody was looking at the alternatives. I said it then, and I still say that the two party system of government in our country has the capability of doing far more harm than any one man ever could.

Now we find ourselves in a government shutdown and on the path to “falling off the fiscal cliff.” We want to blame our federal government, but what could we have done differently? Did we not vote our leaders into office?

People are often afraid to commit to any third party often because the simply doubt a third party could ever be as popular or powerful as the Republican or Democrat parties. That is the beauty behind this concept. 
Third parties never have to be the majority in order to be effective. They simply have to be strong enough to make sure no single party has over 50% of the House of Representatives or the Senate.

This scenario would help to eliminate the deadlock that is often associated with party line voting in Congress. It is up to us. We have the ability to change the future for our children and grandchildren. 

What do you guys think?

Tuesday, August 20, 2013

6 Steps to Building a Better Tomorrow



To everyone that actually cares:

I saw a video on a blog this morning that identified a liberal city councilwoman in Denver who was trying to change the behavior of the city’s citizens. That was the point of the video anyway. It was really a 15 second clip of a woman that said she wanted to put a small tax on plastic grocery bags so people will start using reusable ones instead.

The sad thing is that people actually responded to that message. People get caught up with the petty things in our politics and fail to see the things that actually matter. They let the media tell them what their feelings are because they are too lazy to figure it out for themselves. They think they are too far outside and do not have the wisdom to have an original opinion.

As most of you know, I am conservative. I am only mentioning this to express my lack of bias in this particular case. I am getting sick of the country that I love. I have been a public servant for almost as long as I have been of the age to do so and I think we need a change. This change isn’t going to come from politicians on any side, but from the people.

Change. The word reminds me of President Obama’s 2008 campaign for election. The reason it was successful is because all Americans have a deep desire for something different. He tapped into that beautifully, but the execution has been horrible.

Our forefathers created this “Great Experiment” in hopes that things would be different. They even wanted a change back then, and it was unforeseeably successful. They created a nation that could rule itself with structure.

The President is not supposed to be the most important governing position in our country. When President George Washington designed our nation’s capital, there is a reason that he put Congress on the hill and the White house off to the side. There is a reason that the capital building is the tallest in the district. There is a reason that the President is sworn in on the Capital steps. Our legislature is what was designed to set our country apart from the rest of the world. It has also had a hand in making things how they are today.

The biggest problem is with the political parties. I’ve said it before, and I will continue to say it. No one person can really cause that much trouble for our country. Even so, we are at the mercy of the two main parties for our choice. These days, we aren’t picking the best person possible for any political office. We are only picking out of the two that their respective parties think would be most likely to win. So many of our history’s great leaders wouldn’t even be options today. Instead, we get cookie-cutter candidates who are puppets to the polls and political parties.

The power to make a change has always been with the citizens, but we have either been too afraid or too ignorant to do so. I challenge all of you with this:

1. Demand that your respective political party give you better representatives for your needs.

2. Demand that your peers stop focusing on silly little jabs at the opposition.

3. Tell Fox News and MSNBC to start giving you unbiased news that actually matters to you.

4. If any of the above is unsuccessful, have the courage to look for alternatives.

5. Encourage the people you care about to do the same.

6. Encourage your children to become hard working, self-sustaining adults that are true to their word and their families.

We can make the changes that we have been looking to our political leaders to make. After all, we are the ones who put them there. The power is ours. We need to stop complaining and do something about our situation. They might be the board of directors, but we are certainly the shareholders in this organization.