Strategic Information Security - An Update From FRSecure
FRSecure Services:  Assessment  Program Development  Program Management  
October 2011

By Evan Francen, President

 

Evan Francen - President

If there is one thing that stands out time and time again, it's that too many excellent business leaders are absent when leading in the area of information security. Why is this? 


I think most people understand that it's important to protect the information they are responsible for, but I wonder if executive management understands the added responsibilities placed on them. Information security responsibilities are not typically a common topic among business leaders. 

Responsibilities
So what are the responsibilities of an executive with respect to information security? 

Ultimately, the information security "buck" stops with executive management. A significant portion of an organization's value is directly related to the quantity and quality of the information it possesses (in some organizations, as much as 90% of an organization's value!). Doesn't it make sense that an executive sees to it that such a significant portion of their organization's value be adequately protected?
a       

Read more

 
Outsource, or try to fix things yourself?

Recently we spoke at an iCPSI conference in Iowa, and got this question in front of 120 hospital administrators and staff from hospitals all over Iowa.

 

Like you, I'm sure they expected him to answer "Yes, of course you should hire us!".  But if you know us at all, you know that's just not our style.

 

Our answer: It depends
 
As with any outsourcing question, it really comes down to a few things: a) Do you have the expertise internally, and b) which way is more cost effective. And, for information security, c) will you do it?  

 

If you start with the end in mind, then the question becomes simpler. Ultimately what every business should have is an internally owned information security program. That means you have leadership buy-in, a driver (program manager), and a strategic program that fits your business.

 

Read more

Design your own security program

Unique to FRSecure, is the ability for you to design your own Information Security program, based on strategic building blocks. You pick the blocks you want, and we implement them. 

Choose options from categories like:
  • What's your driver for Information Security?
  • What type of Assessment services are you interested in?
  • What Program Development and Management services does your organization need?
Ultimately your program needs to be tailored to fit your organization, so we give you the ability to pick and choose the services that fit and skip the ones that don't.
FRSecure in the news
Over the next couple of weeks FRSecure will be featured by a couple different media outlets.

Star Tribune: This weekend FRSecure will be featured in an article in the business section.  The article will focus on the trend of companies requiring assurance from their vendors that the vendor is keeping shared information safe.  Called Vendor Risk Management, this type of program is a good idea, but unfortunately is usually done poorly, leading to mistakes by both the customer and the vendor.

AM 1570: Wednesday, FRSecure will be on the Peter McClellan show from 4-5pm.  Topics will include: Information security best practices, vendor risk management, common mistakes, and more.  A podcast of the show will also be available.

FRSecure speaks to iCPSI user group

iCPSI User Group
The iCPSI User Group is a community of Health Care professionals in Iowa. 
 
Recently Evan Francen spoke to their group about the need for strategic information security in hospitals as well as all health care organizations.
 
Topics:
Healthcare Regulation
Meaningful Use
Security Risk Analysis
Best Practices
Common Mistakes
 
 
We didn't record his talk, but you can view the slides here. 
 
Spoiler alert, he shows you exactly how to assess your information security program...  

Did You Know

 

The most recent Fairview breach resulted in the loss of 16,000 patient medical records

 

Nearly five million current and former soldiers and their family members had their data stolen from a military contractor in September 

  

 Microsoft to fix 23 security flaws on 'Patch Tuesday'

 

 Firefox advises users to disable McAfee plugin 

 

 

 

 

   

       
Follow us on:
  
Like us on Facebook   View our profile on LinkedIn   Follow us on Twitter

 

 

 

Join Our Blog!

 
952-442-1709  |  150 Pioneer Trail #125, Chaska MN 55318  |  www.FRSecure.com 

FRSecure LLC is a full-service information security consulting company. We are dedicated to providing value to our clients through well designed, implemented, and managed information security solutions.