IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

RSA 2014: 5 Things to Put in Your Cybersecurity Policy

The ever-changing digital landscape requires IT professionals to be vigilant about keeping their cybersecurity programs up-to-date.

YouTube_RSA_Series_02
Dan Lohrmann
YouTube
Technology and malware exploits change so quickly that network administrators and government leaders may have a tough time keeping up. The only constant about the digital landscape is that it doesn’t stay the same for long.

We asked some experts at this year’s 2014 RSA Conference what advice they’d give to people writing or updating their cybersecurity policy.

1.    Be flexible
“I think there needs to be the recognition that, when you’re implementing a cyber program, you’re dealing with a number of different sectors, you’re dealing with different sized organizations across a whole range of issues, so flexibility is very important, because one size really can’t fit all. “
Jamie Brown, Director of Global Government Relations for CA Technologies

2.    Be specific when needed
“Cybersecurity policy in many cases, it’s very high level. It doesn’t get into helping people understand what their role is. How does this impact the end user, how does it impact your average state employee, your average city worker, [and] how do different situations get addressed?”
Dan Lohrmann, CSO of Michigan

3.    Create a collaborative, security-focused culture
“When you have a stakeholder-driven process, what you get is a real back-and-forth, iterative process where people are bouncing ideas off each other and ultimately, what comes out of that tends to be much more effective.”
Jamie Brown, Director of Global Government Relations for CA Technologies

4.    Mobility and social
“Mobility is a really big topic right now. It’s the extensibility of the enterprise out to individual devices and environments. And then social media, how is that handled in the enterprise, but also individualistically?”
Jack LeGrand, Security Specialist for Dell

5.    Prepare for breaches
“It’s sad that I have to use the phrase ‘When things go wrong’ as opposed to ‘If things go wrong,’ but the reality is that, the breaches that we read about in the newspaper everyday are still not all the problems out there. A lot don’t get reported, so you have to plan for this and take a risk management approach.”
Paul Kocher, President and Chief Scientist for Cryptography Research, a Division of Rambus

This is the second video in a series of five. Visit Govtech.com tomorrow for more highlights from RSA 2014. 

Noelle Knell is the executive editor for e.Republic, responsible for setting the overall direction for e.Republic’s editorial platforms, including Government Technology, Governing, Industry Insider, Emergency Management and the Center for Digital Education. She has been with e.Republic since 2011, and has decades of writing, editing and leadership experience. A California native, Noelle has worked in both state and local government, and is a graduate of the University of California, Davis, with majors in political science and American history.