ITWeb: Can you tell us more about the 3C's of cyber security?
Corregedor: The 3C's of cyber security refer to the changes, challenges and customers when it comes to information security. The 3C's are inter-related and should not be seen in isolation.
The changes refer to the changes that have occurred within information security and within organisations themselves. In information security (infosec), the changing threat landscape and increased compliance requirements for organisations, has resulted in organisations having to invest a significant amount of resources into ensuring that their critical assets are adequately protected and/or their risk managed.
In addition to investing in infosec, organisations also need to innovate in order to remain competitive. This innovation unfortunately, results in information security not being prioritised i.e. innovation, product features, going to market before a competitor etc. are prioritised over ensuring information security is adequately implemented.
The challenge organisations face is finding a balance between addressing these changes while keeping their customers happy. Additionally, organisations are increasingly finding themselves in a position where they have to educate their customers on infosec and/or putting controls in place to protect customers from being exploited.
ITWeb: What top three key points would you like to leave the delegates with from your presentation in October?
Corregedor: In my talk I will be discussing how organisations can find the right balance between changes, challenges and customers. Specifically, I will be focusing on, through lessons learnt, how information security can be effectively implemented within an organisation in such a way that it will not only address the threats but also add value to the organisation and its clients.