3099 leveraging cybersecurity skills for career …...systems security: a comprehensive model,” by...

2016‐09‐08

1

www.cybersecurityleadership.com


Dr. Mansur Hasib, CISSP, PMP, CPHIMSProgram Chair, Cybersecurity Technology

“We are working on 93,000 dreams, what is yours?”


LEVERAGING CYBERSECURITY SKILLS FOR CAREER SUCCESS

2016‐09‐08

2

www.cybersecurityleadership.comwww.cybersecurityleadership.com

• Evolution of Cybersecurity • Cybersecurity as People Powered Perpetual Innovation• How You Can Join the Movement and Succeed

Audience Participation Welcome Anytime

AGENDA


• Maximize Confidentiality, Integrity, and Availability

• Countermeasures: Technology, Policy and Awareness Training

Note. Adapted from “Information systems security: A comprehensive model,” by J. McCumber, 1991, October. Paper presented at the 14th National Computer Security Conference, National Institute of Standards and Technology, Baltimore, MD.

STATIC INFORMATION SECURITY MODEL ‐ 1991

OBSOLETE: PLEASE DO NOT USE ANYMORE

2016‐09‐08

3


INFORMATION ASSURANCE MODEL ‐ 2001

Note. Adapted from “A Model for Information Assurance: An Integrated Approach,” by W. V. Maconachy, C. D. Schou, D. Ragsdale, and D. Welch, 2001, June. Paper presented at the 2001 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York: New York.

OBSOLETE: PLEASE DO NOT USE ANYMOREwww.cybersecurityleadership.com


THE DYNAMIC CYBERSECURITY MODEL

2016‐09‐08

4


Cybersecurity is the mission focused and risk optimized management of information, which maximizes confidentiality, integrity, and availability using a balanced mix of people, policy, and technology while perennially improving over time.

‐Mansur Hasib, 2016

CYBERSECURITY DEFINED



CYBERSECURITY HAS A BUSINESS PURPOSE

Source: US Cybersecurity Magazine, Winter 2015 Issue


2016‐09‐08

5


LawyersSociologistsPsychologists

WritersLinguists

Political ScientistsCommunicationsEducators/Trainers

NON‐STEM PEOPLE CRITICAL IN CYBERSECURITY



People Innovate, Machines Do Not

Without People Powered Innovation, Cybersecurity Impossible

People Aren’t the “Weakest Link” – They Are Our Greatest Strength!!

THE VITAL ROLE OF PEOPLE IN INNOVATION


2016‐09‐08

6


Cybersecurity=Digital Strategy=Business StrategyEveryone Handles Data

Everyone Uses TechnologyPersonal and Work Life Difficult to Distinguish

Concept of Going to Work ChangingTechnology Affects Everything

Human Relationships Through TechnologyPower of Communications Democratized

People Work from Where they Are

THE MODERN BUSINESS ENVIRONMENT



70% of Innovation at Micro Level – Low Risk

30% of Innovation at Macro Level – High Risk

UNDERSTANDING PERENNIAL INNOVATION


2016‐09‐08

7


» Develop Cybersecurity Culture» Engage People at all Levels

» Inspire, Educate» Learn and Teach Perennially

» Focus on Increasing Technical Proficiency and Empowerment» Teamwork, Communications, Transparency

» Develop Leaders not Followers» More Decisions at Lower Levels of Organization


CYBERSECURITY IS NOT A ONE BRAIN SPORT


» People are Human Capital» People Must Enjoy Fruits of Innovation

» Loyalty of People Must Be Earned» Base Cybersecurity Education on Cybersecurity Model

» Lead People, Manage Resources

INSPIRING HUMAN INNOVATION


2016‐09‐08

8


Personal ValuesOrganizational ValuesDoing the Right Thing

Focus on the Mission of the OrganizationSharing the Benefits of Success

Making Raving Fans Out of Customers

ETHICAL LEADERSHIP – WHAT DO YOU STAND FOR?



Loyalty of Workers and Customers

Long Term Profitability

High Degree of Happiness

High Productivity and Innovation

Talk of the Town

Better Cybersecurity

BENEFITS OF ETHICAL LEADERSHIP


2016‐09‐08

9


If You Lead You Will Not Need to Manage

Business and Innovation:

For People, About People, With People

KEY POINTS



OPMAnthem

Community Health SystemsMontana Health Department

Xerox State HealthcarePremera Blue Cross

TargetHome Depot

LOOK FOR ORGANIZATION FLAWS … WHO IS IN CHARGE?


2016‐09‐08

10


Lack of Executive LeadershipAccountability Missing

Failure to Understand Mission SuccessJaundiced Analysis of Risk

Blame TechnologyBlame Foreign Actors

“Sophisticated Attack”=Stagnation

ACCOUNTANTS ARE UNPREPARED FOR CYBERSECURITY



Business Programs Do Not Teach IT and Cybersecurity

IT and Cybersecurity Programs Do Not Teach Business

Ethical Leadership as a Foundation for Business Success Not Stressed

PROBLEMS ALSO LIE IN GRADUATE EDUCATION TODAY


2016‐09‐08

11


Students Being Told to Discard Emotions to Succeed in MBA

Programs

Emotions are Your Ethical Barometer!

SERIOUSLY DEFICIENT AND OUTDATED CURRICULUM



Incentives for Ethical Leadership LackingHuman Capital is an Expense

Future Value Not Considered for HumansPublic Policy and Accounting Changes Essential

FUNDAMENTAL FLAW IN ACCOUNTING/POLICY


2016‐09‐08

12


Dire Need for IT and Cybersecurity Strategists in C‐SuiteCFOs Run Cybersecurity in Too Many Organizations

The Need for Ethical LeadershipA New Breed of CIOs NeededA New Breed of CISOs NeededA New Breed of CEOs Needed

Closer CEO/CIO Partnerships Powerful for OrganizationsCIO Moves to CEO Positions Have Been Powerful

CHALLENGES/OPPORTUNITIES



MASTER OF SCIENCE DEGREES AT UMUC

Cybersecurity TechnologyCybersecurity Management and Policy

Digital Forensics and Cybersecurity Investigations Information Assurance and Operations

Covers Cybersecurity Model, All Majors Welcome


2016‐09‐08

13


TEACHING MODEL

Learn By Applying KnowledgeMultiple Opportunities for Success

Mostly Practitioner/Scholar Doctoral FacultyLeadership, Business Thinking, Holistic Risk Management

Creating Business Executives of the Future

Let Accountants Be Accountants



SUCCESS IN THE FIELD

Be HappyBe the BestBe AmbitiousBe StrategicBe AwareBe CuriousBe FriendlyBe Thankful

Be CEOs of the Future


2016‐09‐08

14


[email protected]: @mhasib

QUESTIONS/DISCUSSIONS/CONTACT INFORMATION

References: Hasib, M. (2015). Cybersecurity Leadership (ebook, paperback, audio)

3099 leveraging cybersecurity skills for career …...systems security: a comprehensive model,” by...

Documents