Security essentials for CIOs: Establishing a Department of Yes
What happens to your business if the computers directing such operations are hacked, sabotaged or shut down? With these situations in mind, many information security leaders might want to shut the door and say no to initiatives that might threaten their delicately balanced security operations.
In order to embrace the opportunity for innovation, IT security must evolve from a culture of "no" to "yes". Security has to expand its role into the operations of the enterprise, so that each new idea or initiative is conceived and designed with security challenges in clear focus and the appropriate response baked in. This IBM white paper outlines five functions it creates a pragmatic, progressive, organizational structure for enterprise security, one that balances innovation with risk.