Embedding Information Security Risk Management into the Extended Enterprise
Executive Workshop Publication
This Workshop on Developing a Secure Organization convened to discuss how companies are embedding information security risk management into the extended enterprise. In today’s outsourcedenterprises, effective risk management is quickly becoming a source of competitive advantage. The technology community has made much progress in the past five years improving the technical aspectsof security. Yet moving the needle on information security is a team activity, requiring participation by everyone in the corporation. The hardest remaining issues involve people and organizations. Inthis workshop, CISOs2 from Fortune 500 firms gathered to debate the challenges of organizing for security.