Published by Allyson Barrett. Modified over 9 years ago.

Tips and Ideas to Help Sell Your Security Program
Practical Lessons Learned as the Principal Security Officer in Systems at the Social Security Administration

Agenda for This Talk
- Periodically, assess the health of your security program
- Network to maximize your resources
- Stay abreast of new governing directives, emerging technologies, audit reports…
- Communicate with management regularly
- Let KISS be the rule for all briefings and presentations to sell your security program

Determine the Security Health of Your Work Environment
- Know your management’s expectations – check periodically because they are not static
- Review previous audits, reviews, etc. that can help you determine known challenges
- Depending on your scope of responsibility and authority, make a list of things to do and/or delegate to others based on NEED
- Keep management abreast of security accomplishments/challenges/key changes

Networking is Important
- Establish and maintain internal/external networks – peers are a valuable asset
- Find ways to partner with managers and other key people outside of security staff
- When you have more to accomplish than the resources available, be creative in finding others who will benefit from the project
- Share the glory and show your gratitude in ways that COUNT to the recipient!

Stay Informed
- Maintain primary references and know where/how/who to find secondary sources
- Basic KSAs are needed to perform well
- Stay tuned to NIST, GAO, OMB, OIG, etc.
- Keep alert about new projects, challenges, organizational changes, policies, laws, etc.
- Read about new technologies/techniques
- Review audit reports, security reviews, etc.

Communicating with Senior Management
- Communicate at the level of relevance
- Communicate regularly by being creative
- Focus on the business case vs. penalty
- KISS test all briefings, be specific, never mention a problem without solutions, ask open questions and seek counsel/advice
- Always include some good news
- Be prepared and provide timely follow-up

Selling Security
- Document substantive security briefings as a security awareness activity.
- Meet program/project managers regularly to assist them in assessing risks, knowing their security responsibilities, etc.
- Customize interesting awareness activities to meet the needs of the audience
- Be committed, enthusiastic, simplistic, and relevant to real world needs/experiences

Stay Informed and Share Knowledge Willingly
- You may need to do homework again!
- Stay focused on the business reasons for mitigating risks vs. the legal requirements
- Efficient, almost non-disruptive strategies to address weaknesses are easier to sell
- Seek innovative ways to teach the ABCs of security outside the classroom setting
- A series of short relevant briefings may be easier to sell than a lengthy training class

Concluding Thoughts
- A positive attitude and your willingness to make all communications relevant are essential
- Routinely sharing articles and websites of potential interest is best when accompanied by a synopsis and comment on relevance.
- Communications are often better late in the day
- Volunteer: join project teams, prepare briefings on security related documents, sell yourself as one who prevents, detects and solves problems!