Information security as company-wide business process
"Recognizing infosec as a global business process - rather than a role within IT" – about this topic, last week a meetup of the group MUC:SEC took place at jambit.
Jenn Foosh, expert in the field of security, risk management and compliance, held a keynote speech about the relevance of information security (InfoSec) in organizations. It was not at all only a topic for the internal IT department, but had to be recognized as comprehensive aspect in all organizational areas. Accordingly, it was better placed in the compliance or legal department of a company instead of the IT department. There, the risk existed that it would be treated as unpleasant cost factor and would never reach the importance of a mission-critical business process.
After the speech, the around 30 meetup participants discussed the speaker’s statements and further security issues while enjoying pizza and beer at the jambit office.