Have you lost track of the risks that may or may not impact your security? How good are the facts you base your security decisions on? Does your organisation follow defined procedures in terms of deploying, monitoring or evaluating security measures? Who decides what’s next and what’s being phased out? Is there a way to get more sleep while fencing off risk factors at the same time?
It’s very easy to get lost in the details and drown in the various tools of the security trade. Every day something happens. A single 0day can ruin your meticulously designed schedule. It would be nice to get a grip on the dynamics and introduce more stability. CIOs need to address the Big Picture. That’s exactly why we mentioned security management in our CfP. We’d like to talk about Big Picture issues at DeepSec 2011, too. Claiming that the Internet (or any other technology) simply isn’t secure enough won’t do. If you know how companies and individuals can still make use of the Internet (or any other technology) without getting exploited/abused/attacked, let’s hear it. Don’t let CIOs die of fear of the unknown. ☻