Consider for a moment the most vital operation in your enterprise. It might run financial processing around the world, control a city's electrical distribution, or handle millions of passengers' airline reservations. What happens to your business if the computers directing such operations are hacked, sabotaged or shut down - if customers can't process transactions or global airline reservations go dark? Facing such frightening scenarios, it's not surprising to imagine that many information security leaders might want to shut the door and say no to initiatives that might threaten their delicately balanced security operations.
In this paper, based on our experience, we will outline five functions to help create a pragmatic, progressive, organizational structure for enterprise security, one that balances innovation with risk and can transform the departmental culture from "No" to "Yes, here's how."