A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Growing Up to be a Infosec Policy Driven Organization - (BSides Nashville 2018) (Hacking Illustrated Series InfoSec Tutorial Videos)

Growing Up to be a Infosec Policy Driven Organization

Frank Rietta
frankrietta

BSides Nashville 2018
http://bsidesnash.org

Internet software as a service (SaaS) companies with the need to protect private consumer information do not start out as a big organization with defined roles and separation of duties. They start out as a couple of founders, then a developer or two, and grow from there. Then as the team grows there may suddenly appear an external security requirement when a possible enterprise contract inquires about the status of the written information security policy or for other information about the organization's security governance. Now the core team that may still only be a few developers and a small business team need to define and adopt policies or forego the business. This talk is about that journey from being a small agile team to being one whose operations have documented security policy and procedures without needlessly overwhelming the business or operations.

Back to BSides Nashville 2018 list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast