Tips and Ideas to Help Sell Your Security Program Practical Lessons Learned as the Principal Security Officer in Systems at the Social Security Administration.


Agenda for This Talk
- Periodically, assess the health of your security program
- Network to maximize your resources
- Stay abreast of new governing directives, emerging technologies, audit reports…
- Communicate with management regularly
- Let KISS be the rule for all briefings and presentations to sell your security program

Determine the Security Health of Your Work Environment
- Know your management's expectations; check periodically because they are not static
- Review previous audits, reviews, etc. that can help you determine known challenges
- Depending on your scope of responsibility and authority, make a list of things to do and/or delegate to others based on NEED
- Keep management abreast of security accomplishments/challenges/key changes

Networking is Important
- Establish and maintain internal/external networks – peers are a valuable asset
- Find ways to partner with managers and other key people outside of security staff
- When you have more to accomplish than the resources available, be creative in finding others who will benefit from the project
- Share the glory and show your gratitude in ways that COUNT to the recipient!

Stay Informed
- Maintain primary references and know where/how/who to find secondary sources
- Basic KSAs are needed to perform well
- Stay tuned to NIST, GAO, OMB, OIG, etc.
- Keep alert about new projects, challenges, organizational changes, policies, laws, etc.
- Read about new technologies/techniques
- Review audit reports, security reviews, etc.

Communicating with Senior Management
- Communicate at the level of relevance
- Communicate regularly by being creative
- Focus on the business case vs. penalty
- KISS test all briefings, be specific, never mention a problem without solutions, ask open questions and seek counsel/advice
- Always include some good news
- Be prepared and provide timely follow-up

Selling Security
- Document substantive security briefings as a security awareness activity.
- Meet program/project managers regularly to assist them in assessing risks, knowing their security responsibilities, etc.
- Customize interesting awareness activities to meet the needs of the audience
- Be committed, enthusiastic, simplistic, and relevant to real world needs/experiences

Stay Informed and Share Knowledge Willingly
- You may need to do homework again!
- Stay focused on the business reasons for mitigating risks vs. the legal requirements
- Efficient, almost non-disruptive strategies to address weaknesses are easier to sell
- Seek innovative ways to teach the ABCs of security outside the classroom setting
- A series of short relevant briefings may be easier to sell than a lengthy training class

Concluding Thoughts
- A positive attitude and your willingness to make all communications relevant are essential
- Routinely sharing articles and websites of potential interest is best when accompanied by a synopsis and comment on relevance.
- Communications are often better late in the day
- Volunteer: join project teams, prepare briefings on security related documents, sell yourself as one who prevents, detects and solves problems!