Cybersecurity Manager

Posted by Klea Duro on Jul 21, 2023 8:15:00 AM

What does it mean to be a cybersecurity manager?

What are the suggestions and points of attention for getting as much as possible out of this key issue in the company?

The Cybersecurity Manager's Guide

A book (150 pages, more or less) published by O'Reilly and written by Todd Barnum, who draws on his many years of experience in IT security and CISO roles at the companies where he has worked.

 

But what are the most interesting aspects (in my opinion)?

I found the book interesting precisely because it talks about lived experience: about trials, tests, failures and successes. And in several respects I very much recognized myself.

Hence it is interesting to be able to experiment and apply the suggestions to one's own reality. It also reminded me of what we do (or try to do) through our content.

Starting with the first "facts" in the company, namely:

  • No one in the company, other than the people in charge of corporate security, gives much attention to the aspects of data security and protection
  • No one in the company knows exactly what is entailed by dealing with data security
  • The culture of fear

 

This last point is especially interesting. Just as we often pay much more attention to "bad" news in the newspapers (did you know that there is a site that only talks about positive news?), in cyber security too it is often fear that makes budgets shift on these issues.

We sometimes forget that technology, at least for now, is only one of the important aspects.

We are always looking for the most innovative (and expensive) technology to "solve" a problem, but a problem cannot always be solved by software (in some cases, corporate education on these issues can prevent potential problems).

 

But what does it mean to educate on these issues?

  • Communicating (in different directions and at different levels)
  • Training
  • Having a plan
  • Setting priorities

 

That, in a nutshell, is what Todd recounts in his book.

One last relevant note, in my opinion (we have already talked about the connection between SAP Security and IT Security here), is the connection between IT security and Audit. Quite telling is the experience Todd reports in Chapter 11 (which I won't disclose, to leave you in doubt), with which I very much agree; we have also discussed it here (Functional stupidity (digital stupidity) in Cyber Security).

 

Subscribe to the blog if you haven't already!

Topics: cyber security, data loss prevention, cyber security culture
