Home page logo

educause logo Educause Security Discussion mailing list archives

Re: success stories
From: Brenda B Gombosky <brenda.gombosky () LOUISVILLE EDU>
Date: Wed, 19 Nov 2008 15:07:24 -0500

Kathy I regularly send out breach reports to senior management and even though I am a member of senior management - I 
use these to get my points across and it is quite effective.  I was able to procure funding for whole disk encryption 
just recently.  I say, bombard them with information. There are several sites but this one deals with Educational 
Security Incidents - http://www.adamdodge.com/esi/ 
Brenda B. Gombosky, CISSP, CISM, CHSP
Director, Enterprise Security  
Information Technology
University of Louisville
Miller IT Center, Room 109
Louisville, KY 40292

Kathy Bergsma <kbergsma () UFL EDU> 11/19/2008 2:21 PM >>>
I'm interested in hearing about your success stories engaging senior
management support for security initiatives.  What methods worked at your 
institution?  I've suggested some methods below.  Let me know which ones have 
worked for you and identify others ideas not listed.

Fear, uncertainty and doubt
Metaphors and analogies
Comparison with peer institutions
Financial benefits such as ROI (return on investment)
Leverage an incident
Working behind the scenes
Ask forgiveness rather than permission
Little by little baby steps
Relationship building with key players?  Who are the key players
Other ideas

Kathy Bergsma
UF Information Security Manager

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]