Security Barometer
What are the top security risks facing organizations today? 
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Tools | ||
Information Protection Program: RACI Matrix
Created By: Security Executive Council |  Resource is for Tier One Leaders only | |
 | ||
Information Protection Program: Risk Assessment and Compliance Checklist
Created By: Security Executive Council | Resource is for Tier One Leaders only | |
| ||
Information Protection Program: Security Awareness & Training Menu and Facility Management Self-Assessment
Created By: Security Executive Council | Resource is for Tier One Leaders only | |
| ||
Research & Benchmarks | ||
Not Following Established Policy Tops List of Most Significant Threats to Information Protection  Created By: Security Executive Council An advance release of a summary of research conducted by Kennesaw State University CISE in partnership with the SEC reports that the most significant threat from internal sources was the inability/unwillingness to follow established policy. This was followed by disclosure due to insufficient training. | ||
| ||
| Security Barometer Results - Personal Electronic Devices in the Workplace Created By: Security Executive Council This SEC poll found the number of respondents reporting using personal electronic devices in the workplace has increased to 80%. | ||
| ||
Security Executive Council Trend Report: Benefits and Risks of Web 2.0 in the Enterprise Created By: Security Executive Council | Resource is for Tier One Leaders only | |
| ||
| Threats to Information Protection An early release summary of "Threats to Information Protection 2015" provides a glimpse into the results of extensive research performed by Kennesaw State University's Center for Information Security Education (CISE) in partnership with the SEC. The summary material briefly covers the top ranked general, internal, and external threats to information protection. The research also investigated trends in staffing, changes in attack patterns and high risk technologies. | ||
| ||
| Trend Research: Bring Your Own Device (BYOD) To Work Created By: Security Executive Council This resource was developed based on a Tier 1 Leader and their IT colleague looking at productivity around the topic of BYOD to work (e.g., if I had my own phone or computer (e.g., Apple brand device) I could increase my productivity.) The research was then expanded to include further information on what peer corporations are doing in this area (e.g., pros, cons, must haves, challenges, risks and liabilities). TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource. | Resource is for Tier One Leaders only | |
| ||
Presentation Materials | ||
Information Protection Program: BoD Presentation
Created By: Security Executive Council | Resource is for Tier One Leaders only | |
| ||
Books/Guidelines/Manuals | ||
| Information Protection Playbook, 1st Edition Created By: Security Executive Council The primary goal of the Information Protection Playbook is to serve as a comprehensive resource for information protection (IP) professionals who must provide adequate information security at a reasonable cost. Using the guidelines provided in the Information Protection Playbook, security and information technology (IT) managers will learn how to implement the five functions of an IP framework: governance, program planning, risk management, incident response management, and program administration. TIER 1 LEADERS: Log-in to obtain your copy. OTHER VISITORS: Click the title to order this SEC resource. Click here to view a short video describing this resource in more detail. | Resource is for Tier One Leaders only | |
| ||
| IT Security Response to Misconduct Allegations Created By: John Thompson, Security Executive Council Emeritus Faculty This guide was written for the security executive to distribute to the person who has never been in the investigative field but is most likely to directly receive reports of misconduct allegations. It is for the business professional who has never been to an introductory investigations course. The series is also useful to the security executive or law department attorney who tasked with training professionals on what to do when they receive an allegation of wrongdoing. This book guides the non-security business professional through the investigative process up to the appropriate time to involve trained investigators. A Tier 1 Leader item available for purchase. Visit our store. | Resource is for Tier One Leaders only | |
| ||
Articles | ||
| The Mission is Not Cybersecurity-It's Enterprise Security Created By: George Campbell, SEC Faculty Security's current business model can deliver on the routine service demands, but our role in meeting these increasingly consequential risks will require a much more inclusive and mature presence. | ||
| ||
Forums | ||
| Faculty Advisor: A Holistic Information Protection Program Created By: Greg Kane, Security Executive Council Staff My organization is about to revamp our information protection program. Can you provide any guidance as to how to make sure it’s holistic and will be embraced by all? Read Security Executive Staff member, Greg Kane's, answer to this question. | ||
| ||
| Faculty Advisor: Web 2.0 and Business Risks Created By: David A. Meunier, Security Executive Council Content Expert Faculty What is your perception of the risks of Web 2.0 and what businesses should consider before deploying Web 2.0 applications? Read SEC Faculty member David Meunier’s answer to this question. | ||
| ||
Login
Find It For Me!
Can't find what you're looking for? Likely we have what you need. Click the Find It For Me! button and we'll help you out.
