Have you ever joined a security organization after it lost credibility within the business (for instance, after a major breach)? What did you do to build it back up?

Security & GRC Security Strategy & Roadmap

3k views1 Upvote3 Comments

Sort by:

Senior Information Security Manager in Software2 years ago

Not directly.

But some years ago I was involved with the ISSA Generally Accepted Information Security Principles (GAISP) project.
Since it was 100% volunteer-based and had no real leadership, it just sort of petered out.

CIO in Government2 years ago

I myself have not been involved with an organization that has had a major security problem. Helped an organization with a security (ransomware) problem. Most important was solving first. Provide the right information to the public and, after recovery, communicate openly and transparently about the attack, the steps taken and the approach to recovery. Of course within the standards of security and privacy. This restored confidence in the organization and normal services were quickly restored.

Senior Director Engineering in Travel and Hospitality2 years ago

Not a security organization, but in the past I have joined a place which had lost its reputation due to other reasons. Its almost like building it back from scratch, like any startup would. Take small steps in building trust, and ensure you pay high level attention to customer retention. If you are truthful and open, people will gain back trust.

Content you might like

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Is footprinting an effective way to do vulnerability management?

Very effective1%

Somewhat effective52%

Slightly effective31%

Slightly ineffective8%

Somewhat ineffective3%

Not at all effective

Not sure yet1%

View Results

Can you share any tips for new security leaders to identify blind spots in their organization? How have you approached this when starting a new role in the past?

What would you say is the key component of your Security Awareness Program?

Video Training17%

Phishing Simulations63%

Infographics12%

Gaming5%

Other (please share below)

View Results

Have you ever joined a security organization after it lost credibility within the business (for instance, after a major breach)? What did you do to build it back up?

Sort by:

Content you might like

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Is footprinting an effective way to do vulnerability management?

Can you share any tips for new security leaders to identify blind spots in their organization? How have you approached this when starting a new role in the past?

What would you say is the key component of your Security Awareness Program?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

2024 Product Management Priorities and Challenges

Data-Driven Customer Experience: Uniting D&A and CX Teams

Navigating Economic Uncertainty in 2024: IT Leader Perspectives

Take Your Insights On-the-Go