Aligning Cyber Strategy to the Business

Image source: Article

Image source: Article

To quote Lewis Carrol, from Alice’s Adventures in Wonderland:

‘Would you tell me, please, which way I ought to go from here?’
‘That depends a good deal on where you want to get to,’ said the Cat.
‘I don’t much care where —’ said Alice.
‘Then it doesn’t matter which way you go,’ said the Cat

It might sound like a relaxing way to go through life, but it is one we cannot follow in security. After all, data breaches and disruptions of service come from weaknesses where you have not put in place enough protection. All those paths are essentially a broader attack surface.

Business strategy is often based on a ‘vision, strategy, immediate action’ model. The organizational vision is the factor you might use to inspire, propel and focus. A good vision statement defines a desired end-state, so that your team can feel they are part of a broader goal. It also often makes reference to what you will not do. Sometimes, you need to say ‘no’ or stop doing a certain thing to focus your attention.

Read the full article