Agility and Rapid Innovation through the Ten Dimensions of Cyber Security Performance presented at BSideSLA 2013

by Russell Cameron Thomas,

Summary : Are you interested in promoting agility and rapid innovation in enterprise-level information security, privacy, and IP protection? This is beyond “adopting best practices” and “capability maturity”. It’s about matching the innovation clockspeed of the threat agent ecosystem. You won’t get there by adopting static methods or frameworks that are little more than “bags of practices”. Instead, I’m proposing Ten Dimensions to focus on performance, not just practices, and they focus attention on continuous improvement and organization learning — two aspects of InfoSec that are often overlooked and poorly managed. In this presentation, we’ll walk through each of the Ten Dimensions so you’ll see what’s new and what’s familiar. Then, we’ll discuss several practical scenarios and use cases to show how the use of these Ten Dimensions can dramatically improve effectiveness and quality, and also improve buy-in by business people and executives.