
Why Communication Fails: Five Reasons the Business Doesn't Get Security's Message

White Paper Published By: IBM Corporation
Published:  Jun 01, 2011
Type:  White Paper
Length:  4 pages

One of the most serious problems facing security and risk management professionals is the inability to communicate effectively with the enterprise—resulting in security and risk management efforts that fail to meet the needs of the business.

CISOs must effectively communicate to business leaders and key stakeholders how security implications, including validating that the appropriate security controls are in place, can significantly impact their exposure to risk.

Gartner has identified five key failures in crucial interactions between security and risk professionals and their clients:
1. Security and risk management professionals speak a “language” that few people outside their discipline fully understand.
2. Security and risk management professionals have seldom been trained in how to communicate in a business setting.
3. Business leaders are extremely busy.
4. Business leaders find it difficult to express their concerns in terms that security and risk professionals understand.
5. The business finds it extremely difficult to identify its own risk appetite.



Tags: ibm, gartner, communication, security message, enterprise risk management, jeffrey wheatman, chief information security officer, ciso
