Security professionals should get a public relations makeover to help them sell infosec to management, a security consultant says.
Speaking at the Bsides London conference, security consultant Brian Honan said that rather than become frustrated at managements lack of interest in investment in security, IT should sell security to the board.
“The management opinion is 'fix it' and yours is 'give me money'," Honan said.
“We think that management are stupid but this is not the case, they are people who built the internet and are not experts on IP law or data protection, so it is up to us to present in a concise way and make issues to present to the board.”
It was important Honan said to consider how management thought and to realise security had its "own language".
“Forget about costs: Present your business case to the management, tell them that you need to spend and it is not just a new box,” he said.
He said management disliked uncertainty so security professionals must align with business priorities, and focus on how security could help the business.
_(28).jpg&h=140&w=231&c=1&s=0)
_(20).jpg&h=140&w=231&c=1&s=0)
_(23).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
