What Is an Information Security Business Manager? - Security Boulevard

What Is an Information Security Business Manager?

An Information Security Business Manager is expected to function as a security leader within their designated role and partner with higher-ups to address security-related challenges. The tasks they perform are both strategic and hands-on and require a good understanding of varying information security disciplines and the business units they’re associated with. Additionally, they can also be asked to shoulder the training and management responsibilities for the rest of the security personnel.

This means that the role of an information security business manager may sometimes be a little hard to define. Let’s talk about it.

What Does an Information Security Business Manager Do?

The information security business manager is primarily responsible for diving and establishing a business-specific security-oriented program geared towards assisting related business units in detecting and resolving risks while also offering support to the information security officer (ISO). The role liaises between the information security officer and the business, keeping an open line of communication when it comes to reporting of security vulnerabilities to the associated leadership and ISO.

Additional responsibilities may include:

  • Directing business departments towards cyber-attack prevention and mitigation strategies to minimize future breaches
  • Serving as a major figure in information security deficiency fixation processes by shaping communication points and remediation
  • Offering transparency to organizational units on upcoming information security initiatives
  • Coordinating information security proposals, tests, evaluations, and inspections
  • Maintaining all security programs and technologies as part of a shared effort with the IT department
  • Managing data safety programs within assigned business units, including activities for the classification of unstructured data
  • Ensuring all stakeholders know the state of controls they’re accountable for and understand the part they have to play in the overall information security drive
  • Crossing bridges and getting along with department stakeholders to maintain a healthy security posture

Moreover, they will need to analyze how (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Dan Virgillito. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/lV094l_zNOY/