I hosted a longish lecture & discussion this morning with a small but select mix of MBA students from Providence College School of Business and Edinburgh Napier computing students. They had been working on a project to visualise some security log data to help identify the wheat (data leaks) from the chaff (ordinary traffic).
My challenge: give an overview to explain how the tool they were developing fits into the business context.
I focussed on explaining how risk management and controls are the route to understanding why information security matters to business. I also discussed why incident handling is no longer optional (thank APT, and think about TalkTalk’s experience of its data breaches).
My main point was that a tool that identifies incidents quickly, acts as a detect control (part of risk management) and will help management make better decisions, ealier. A useful thing for both MBA and Computing students to know!
Here are the slides: