With the heavy scrutiny that crises bring, even the terms you use can have an impact. When the time comes to phase down the crisis response, avoid using the terms…
How Can Enterprise Security Risk Management (ESRM) Help Your Security Program?
Find out now with your FREE Chapter!
You will:
- Explore how security has traditionally been viewed both inside and outside of the security profession.
- Understand how ESRM can change the perception of security in your enterprise to help you better communicate the value of security risk management.
- See how ESRM is the best methodology to meet the changing global security risk climate.
Are you interested in getting published?
Rothstein Publishing publishes and distributes industry-leading, current content digitally and in print globally. We would like to hear about your ideas. For starters, we don't even need a completed manuscript. We are willing to look at your book idea at any stage of development, whether it’s a few ideas sketched on a napkin or a completed manuscript – or at any stage in between. Our team of editorial and subject matter experts will work with you at every step of the planning, writing, rewriting, editing, and publication of your work.
Creating a Culture of Cybersecurity
Even the best-made cybersecurity governance programs cannot predict every situation that should be guided by a principle or policy. At some point, you will have to rely on the employees of your organization to do the right thing. How do you train every employee to do the right thing every time? The answer is you cannot; no amount of training will accomplish this. What you must do is change the culture of cybersecurity over time so that doing the right thing becomes intuitive. Training will help, but it is not the sole answer.
Common Root Cause Investigation Problems and Solutions
The following are typical reasons why most root cause incident investigation programs fail to live up to the organization’s expectations, from the book Root Cause Analysis Handbook: A Guide to Efficient and Effective Incident Investigation.
There Is No Business Driver to Change
If the organization is performing acceptably with its current practices, then there is no significant driver to get personnel to change from their current behavior. The organization and the individuals in the organization need a reason to change, as most people do not like change. Investigating and learning from mistakes usually requires a change in the organization’s mind-set or behavior, and a powerful reason is needed to drive such change. This driver must be clearly tied into the rollout of the Root Cause Analysis (RCA) program.
Get your free chapter on Governance in the Resilient Organization from the book Principles and Practice of Business Continuity Tools and Techniques, by Jim Burtles.
In the first 15 chapters of Jim Burtles' book, you learn how and why you might approach the development and delivery of a successful and effective business continuity (BC) program. This process has involved exploring the tools, techniques, and products. By now, you should be in a position to practice this discipline in a professional manner, and this book has focused on the detail level at which BC is expected to operate and prove to be beneficial. Now, in this chapter, intended for both the experienced BC practitioner and a person entering the profession, you have a chance to look upwards and outwards to see where BC fits within your organization’s hierarchy and how it might filter upwards and penetrate downwards, as BC is integrated into your corporate culture.
In October 2016, the Risk Management cover story “Hack the Vote: Cyberrisk at the Ballot Box” highlighted many of the vulnerabilities in America’s election infrastructure. Continuing investigation in the wake…
I'm looking forward to attending the Continuity Insights conference in New York City on Monday, October 22, 2018.
If you're attending, be sure to introduce yourself.
If you haven't already registered, REGISTER…
What’s going to trip you up when you are facing your next crisis? Follow Bruce Blythe’s Five Guiding Principles of Crisis Leadership and don’t screw up. With his landmark book…
Crisis management may be defined as the exercise of common sense at lightning speed. Importantly, the effectiveness of crisis communication during the hours, days, and weeks it takes to resolve and recover from an event will prove essential to preserving the reputation, credibility, and morale of your organization.
My years of experience and observation of crisis response have made it abundantly clear that every business and organization is vulnerable to mistakes, mishaps, surprise events, and human error. We are all vulnerable! However, experience also demonstrates that it is a prudent organization that has studied its vulnerabilities, identified those that present the greatest risk, and gets ready with what it must do and say to respond quickly and effectively in the face of a crisis.
- Jim Lukaszewski
Get your free chapter!