Closing The Gap Between The Current Corporate Cyber Security Risk Profile And What Is Needed To Protect Our Nations Critical Information Structure

Share Article

BusinessEdge Solutions and the University of Southern California answer the question of what to do when technology can’t solve all of an organizations security issues.

Closing The Gap Between The Current Corporate Cyber Security Risk Profile And What Is Needed To Protect Our Nations Critical Information Structure

BusinessEdge Solutions and the University of Southern California answer the question of what to do when technology can’t solve all of an organizations security issues.

Doug Graham and Yaron Raps, solution partners at BusinessEdge Solutions Inc., spoke at the April 20th Institute for Critical Information Infrastructure Protection (ICIIP) executive briefing hosted by the Marshall School of Business at the University of Southern California. ICIIP is a public-private partnership consisting of critical sector infrastructure companies, academic researchers and experts in executive education. BusinessEdge Solutions Inc. is an industry-focused business and technology-consulting firm offering strategy, process optimization and solution integration to clients in the communications, media and content industries.

ICIIP’s mission is to close the gap between the current corporate cyber security risk profile and what is needed to protect our nation’s critical information infrastructure.

The BusinessEdge presentation, “Architecture -Aligning Organization and Technology” addressed the subject of Systemic Security Management (SSM.) SSM describes an approach to security that encourages companies to make it an enterprise-wide focus not just a functional responsibility. SSM is about the management of the 'tension' points between people, process, technology and organization. These 'tension' points: governance, culture, architecture, emergence, human factors and enablement are the areas enterprises need to manage in order to effectively and efficiently protect their physical and digital assets. The management issue is one of leadership, leadership that 'does the right thing' and is not limited to the traditional confines of ROI. SSM is a management approach to security that serves the extended enterprise, going well beyond the boundaries of the company to include not just people, process, technology and organization, but also partners, suppliers, customers and communities. The SSM approach advocates that an enterprise does not just buy security, but genuinely buys in to security in a similar manner to the principles behind Total Quality Management.

Graham and Raps explained how the links between an organizations strategy, technology, processes and people “nodes” create “tensions” that must flex and contract as the situation dictates. When technology can’t solve all of an organizations security issues, organizations must be prepared to address the issues by adjusting the connected “nodes” or the “tensions.”

A case study on how BusinessEdge had effectively implemented SSM at one of their Communications clients focused on how technology could not solve many of the security issues in areas where concepts are new and standards are still emerging. BusinessEdge led the convergence of multiple departments through educational sessions, workshops, risk assessments, company strategy revision, product definition revision and architectural design, creating a comprehensive security architecture that had the ability to span across multiple services and customer types.

The presentation was attended by over 60 corporate, academic and government participants. “The telecom case study presented by BusinessEdge's Doug Graham and Yaron Raps provided an excellent example of how to manage all those 'moving parts' to not just implement change when installing a new architecture but how to continue to incorporate security into the very fabric of the organization well beyond the compliance level of security toward a commitment base and systemic level of security” stated Charles Meister, Executive Director of ICIIP, Marshall School of Business, USC.

One security professional said “I found the presentation very interesting and certainly in line with my views of security management and integration of security into the fabric of an organization.” He went on to say that it was a “great presentation and strategic focus for security professionals. Very useful framework.”

Eric Oksendahl, Staff Chief Security Officer at Boeing stated “I think SSM is an important developing body of work at ICIIP that can contribute immeasurably to working security issues in commercial enterprises.”

About BusinessEdge:

BusinessEdge Solutions Inc. drives competitive advantage for its clients by leveraging its vertical domain thought leadership and asset-leveraged consulting enabled by pre-engineered business and technology solution frameworks to reduce the time, cost and risk of delivering breakthrough results. BusinessEdge is distinctive among consulting firms in that its multidisciplinary consultants have an average of 15 years of industry-specific experience and expertise. This strong industry knowledge and technology know-how is at the core of the company’s unwavering commitment to create vision for its clients – and is the driver behind its delivery of high-impact business solutions. See http://www.businessedge.com for a more detailed view of the firm’s expertise and a complete listing of all its capabilities and solutions.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Patrick Mullen