Into the Breach – Audio Series – Chapter 8 (Measuring Success)
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 
The strategy has been revealed. The fundamentals of what is now The Catalyst Method have been shared (note: if you want the update on The Catalyst Method, drop me an email). The key considerations for a pilot shared – and now it is time to measure success.
So how do you measure what matters so you can communicate what counts?
In this chapter, “Measuring Success,” Michael draws on his background of social science and economics to explain a powerful approach to measuring success. Learn how to use the right mix of qualitative and quantitative measurements to get the feedback necessary for success.
Learn how to measure what matters and communicate what counts.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Learn more about The Catalyst Foundation Series – proven success for security initiatives to excite, ignite and turn insiders into allies who reduce business risk!
Go deeper Into the Breach with Michael Santarcangelo with EMC
Each month, EMC pulls back the curtain and provides more insights and a deeper discussion with Michael Santarcangelo about the elements in this chapter. Learn how to harness the power of their people to inform and improve the risk management process in a matter of weeks. Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get access to the latest session.
Podcast: Play in new window | Download (10.6MB)
Into the Breach – Audio Series – Chapter 7 (Putting the Strategy to Work: A Pilot)
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 7)
The strategy has been revealed. The fundamentals of what is now The Catalyst Method have been shared (note: if you want the update on The Catalyst Method, contact us to learn more).
So how do you implement in a way that gets results?
In this chapter, “Putting the Strategy to Work: A Pilot,” Michael explains the basic approach – with key insights – to engaging people in the process of protecting information. Learn how to select the pilot approach that works best, build the team and plan a strategy that drives tactical and strategic success.
There is no “one-size-fits all” approach, and this chapter lays out how to make the right decisions the first time. Get a jumpstart on success with this chapter.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Learn more about The Catalyst Foundation Series – proven success for security initiatives to excite, ignite and turn insiders into allies who reduce business risk!
Go deeper Into the Breach with Michael Santarcangelo with EMC
Each month, EMC pulls back the curtain and provides more insights and a deeper discussion with Michael Santarcangelo about the elements in this chapter. Learn how to harness the power of their people to inform and improve the risk management process in a matter of weeks. Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get access to the latest session.
Podcast: Play in new window | Download (7.5MB)
Into the Breach – Audio Series – Chapter 6 (Implementing The Strategy to Protect Information)
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 6)
Chapter Six is where Michael explains how to customize and implement the Strategy to Protect Information. The information he shares is designed to bring immediate results. This set the stage for the refinement of what is now called The Catalyst Method™ — what Michael teaches, guides and uses to help organizations get results that transform insiders into allies who reduce business risk.
Go deeper Into the Breach with Michael Santarcangelo with EMC
Each month, EMC pulls back the curtain and provides more insights and a deeper discussion with Michael Santarcangelo about the elements in this chapter. In fact, for this chapter, Michael explains how he has modified the implementation and refined “The Catalyst Method™” to get real, rapid results. Learn how to harness the power of their people to inform and improve the risk management process in a matter of weeks.
Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get access to the latest session.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Learn more about Michael’s keynotes – and hire Michael Santarcangelo to excite, ignite and turn insiders into allies who reduce business risk!
Podcast: Play in new window | Download (14.3MB)
Into the Breach – Audio Series – Chapter 5 (The Strategy to Protect Information)
Into the Breach
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy.
This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in episode 6, Into the Breach: Chapter 5 (The Strategy to Protect Information)
Chapter 5 is the introduction to Part II of Into the Breach — where the focus shifts to looking at what needs to be done. I outline a powerful, yet simple, approach dubbed “The Strategy to Protect Information.”
Key is the focus on information, not data, and the three steps that any organization must follow in order to be effective. The balance of Part II explains how – but just learning and understanding the three part strategy is transformative.
After listening to this chapter, you will know the strategy and be able to apply it to your current challenge — small and tactical or larger and organizational.
The timing works well as 2010 initiatives are considered – and questions are always welcomed at getresults@securitycatalyst.com, by engaging with me on twitter (http://twitter.com/catalyst)
Unleash the full power in time for the new year: Announcing the Team Inspiration Bundle
Imagine the power of presenting a hand-signed, hard cover version of Into the Breach: Protect Your Business by Managing People, Information and Risk to a member of your team, an executive or even a partner or client to give them the very keys necessary to refresh, re-energize and refocus for an exciting year ahead.
As we head into 2010, Michael Santarcangelo and the entire The Security Catalyst team is focused on celebrating the good of people and amplifying the positive. Into the Breach reveals the insights and sets forth the path for any person or organization to follow to get results that turn insiders into allies who reduce business risk.
This is a gift that opens the doors to more and unlocks the ability to harness the power of people. More, this book can be accompanied with an eBook or audio book version – and the resources of The Security Catalyst Online to set the stage for a transformative year ahead.
CLICK HERE to order the special 10-book or 20-book package at a deep discount by December 24, 2009.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
1. Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
2. Subscribing to The Security Catalyst Online Blog and Podcast to get more insights
3. Hire Michael to deliver guaranteed solutions for your organization that turn insiders into allies who reduce business risk
Not enough? Need more?
Go deeper Into the Breach with Michael Santarcangelo in December, courtesy of EMC
In December, EMC will release the next recording of Michael Santarcangelo — behind the scenes — to journey deeper into the ideas behind the Strategy to Protect Information. Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get reminded to download the December session.
Podcast: Play in new window | Download (12.8MB)
Into the Breach – Audio Series – Chapter 4 (The Solution: Manage People, Information and Risk)
Episode 5: Into the Breach: Chapter 4 (The Solution: Manage People, Information and Risk)
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 4)
Chapter four wraps up the first part of Into the Breach with a candid discussion about the current approaches to managing risk – and why they are not working. Michael explains that risk management is based on curves, not continuums, then dives deeper into the three barriers to effective risk management: scale, perception and probability. While looking at each, Michael makes suggestions on how to overcome them, then introduces the concept of managing risk on the efficient frontier.
Go deeper Into the Breach with Michael Santarcangelo in November with EMC
In November, EMC pulls back the curtain and provides more insights and a deeper discussion with Michael Santarcangelo about the elements in this chapter. In fact, for this chapter, Michael explains why the current practices are essentially “risk reaction” and explains how he helps companies get results that harness the power of their people to inform and improve the risk management process.
This also sets the stage for the next part of the book, as Michael explains more about how to leverage his research and experience to get real results and prepare for a successful 2010. If you have a question about how to leverage the power of Into the Breach for your organization, please contact Michael to get the insights and guidance for success!
Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get access to the November session.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Learn more about Michael’s keynotes – and hire Michael Santarcangelo to excite, ignite and turn insiders into allies who reduce business risk!
Podcast: Play in new window | Download (14.4MB)
Into the Breach – Audio Series – Chapter 3 (Breaking the Security Diet)
Episode 4: Into the Breach: Chapter 3 (Breaking the Security Diet)
Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves today’s challenges and pick up a complete copy. This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 3)
Breaking the security diet is recognition that what happens in organizations today is more akin to a crash diet than a healthy approach to securing information. In this chapter, Michael reveals the high cost of this “fad diet” approach and shines a light on the new fad diet: encryption. However, there is a solution, and Michael explains how to break the fad diet, improve leadership and engage individuals. A pivotal chapter in the book, designed to create a fundamental change in the way organizations and individuals protect information.
Go deeper Into the Breach with Michael Santarcangelo in October with EMC
In October, join Michael Santarcangelo for a live conversation to journey deeper into the chapter. During the conversation, hosted by EMC, Michael will:
- Reveal the ideas and concepts that may have been pared from the chapter you just listened to
- Expand upon or update the elements in the chapter you just listened to
- Answer questions in a candid and direct style – focused on delivering insights that lead to results
Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get reminded to join in for the September session.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Checking out the upcoming schedule to meet Michael (and his family) “onTour” – as they travel the country by RV (working on Dallas, Phoenix and San Francisco, with a likely stop in Atlanta and maybe Charlotte)
Podcast: Play in new window | Download (11.0MB)
Into the Breach – Audio Series – Chapter 2 (People Just Want to Do Their Jobs)
Episode 3: Into the Breach: Chapter 2 (People Just Want to Do Their Jobs)
Welcome to the audio series of Into the Breach: Protect Your Business by Managing People, Information and Risk (click this link to learn more about this book and pick up a complete copy – to get started on your personal journey). This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 2)
Chapter 2 reframes the challenge with powerful insights about the way people “just want to do their jobs.” Michael introduces what he calls the two principles – a powerful concept about how people do their jobs, and an eye-opener that leads to improved interactions. The corollary to these principles is also explored, along with guidance on what to do about it. With a focus on individuals, Michael explains, “Compliance is not a video game” and reveals that a common approach of “exclusion” is creating more harm than good. The chapter wraps up with a discussion of “the human response to pain” – with a common example played out in organizations everywhere.
Go deeper Into the Breach with Michael Santarcangelo on September 16th
On September 16th, join Michael Santarcangelo for a live conversation to journey deeper into the chapter. During the conversation, hosted by EMC, Michael will:
- Reveal the ideas and concepts that may have been pared from the chapter you just listened to
- Expand upon or update the elements in the chapter you just listened to
- Answer questions in a candid and direct style – focused on delivering insights that lead to results
Go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded sessions from before and get reminded to join in for the September session.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Checking out the upcoming schedule to meet Michael (and his family) “onTour” – as they travel the country by RV (dates now in Alaska, NYC and working on Dallas, Phoenix and San Francisco, with a likely stop in Atlanta and maybe Charlotte)
Podcast: Play in new window | Download (12.9MB)
Into the Breach – Audio Series – Chapter 1 (Breach: A Human Problem)
Episode 2: Into the Breach: Chapter 1 (Breach: A Human Problem)
Welcome to the audio series of Into the Breach: Protect Your Business by Managing People, Information and Risk (click this link to learn more about this book and pick up a complete copy – to get started on your personal journey). This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the first Tuesday of each month (there are 13 chapters total).
What you’ll find in this episode (Chapter 1)
Chapter 1 defines the challenge of breach as a “human problem” and begins the journey to understand how and why we got where we are today. Michael reveals how reliance on technology has masked the true nature of the problem and explains how to re-think the way technology supports the needs of people. He also suggests that a focus on breach is too narrow, and that all information must be protected.
A personal invitation to go deeper Into the Breach with Michael Santarcangelo
In two weeks, join Michael Santarcangelo for an insider’s perspective and live conversation to journey deeper into the chapter. During the conversation, hosted by EMC, Michael will:
- Reveal the ideas and concepts that may have been pared from the chapter you just listened to
- Expand upon or update the elements in the chapter you just listened to
- Answer questions in a candid and direct style – focused on delivering insights that lead to results
Did you miss the in-depth discussion with Michael about the Introduction? If so, go to www.configuresoft.com/securitycatalyst today to register now and listen to the recorded session and get reminded to join in for the August session.
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Checking out the upcoming schedule to meet Michael (and his family) “onTour” – as they travel the country by RV
Podcast: Play in new window | Download (8.4MB)
Into the Breach – Audio Series – The Introduction
Welcome to the audio series of Into the Breach: Protect Your Business by Managing People, Information and Risk (click this link to learn more about this book). This series, underwritten by Configuresoft, now part of EMC, is the full and unabridged audio version of Into the Breach, written by Michael Santarcangelo and read by the author. Join us for a new chapter released on the last Tuesday of each month (there are 13 chapters total).
What you’ll find in this segment
The Introduction explores the nature of the challenge faced by organizations around the world. As we prepare for the journey “Into the Breach”, it is revealed that breaches are only symptoms, and the real challenge is described as a human paradox. Setting the stage for a shift in thinking necessary to get results, three common myths are exposed and addressed. A powerful strategy to protect information is shared, and the clarion call to engage, empower and enable people is sounded.
A Private Invitation to Engage with Michael Santarcangelo
Build on your experience. Sign-up for exclusive invitation-only conversations [click on the link to sign up now for your invitation] with Michael Santarcangelo, hosted by EMC. Join Michael for a live conversation two weeks after each chapter is released where he will:
- Reveal the ideas and concepts that got cut from each chapter
- Expand upon or update the elements in the chapter you just listened to
- Answer questions in a candid and direct style – focused on delivering insights that lead to results
The discussion centered around the concepts revealed in the Introduction is scheduled for Thursday, July 16th. Visit http://www.configuresoft.com/securitycatalyst.aspx for more details and to get your invite!
You want more, so after listening…
After listening to this segment of Into the Breach, keep the energy going and support the shift in thinking and inspire behavior change by
- Engaging (not following) Michael on twitter (http://twitter.com/catalyst)
- Subscribing to The Security Catalyst podcast & blog to get more insights
- Checking out the upcoming schedule to meet Michael (and his family) “onTour” – as they travel the country by RV
Podcast: Play in new window | Download (9.2MB)
Security Catalyst Show – February 16 2009 – Certification & Accreditation
Welcome to the Security Catalyst Program – bringing you the ideas, insights and tools necessary to change the way people protect information. I am Michael Santarcangelo, your personal catalyst on this journey. Thanks for listening!
On today’s program, we explore Certification and Accreditation with the help of three experts who share an absolute wealth of knowledge.
A few quick notes
1. Into the Breach is available as an eBook and signed Hardcover from www.intothebreach.com Learn more about how to engage users, restore responsibility and hold people to account. In fact, this book lays out how to reduce costs without increasing risk, turn insiders into allies and manage people, information and risk better.
2. For 2009, I am excited to announce the expansion of the Security Catalyst Blog – with the awesome Catalyst Contributors. Visit the blog each day to get a fresh perspective
3. I’m in the process of revamping the podcast series for 2009. I know a lot of people are struggling – and in addition to being a voice of optimism, I’m building a team to share information and strategies necessary for making a difference this year. If you want to contribute, or if you are facing a challenge and need some help – shoot me an email: securitycatalyst@gmail.com
Stay tuned for more information.
For today’s program, I am joined by Mike Smith, Graydon McKee and Joe Faraone to discuss C&A.
Links at a glance
The presentation that started the idea for this episode: http://www.slideshare.net/rybolov/why-care-about-government-security?src=embed
Graydon, Joe, and Mike teach 2-day C&A workshop and a 5-Fridays NIST Framework for FISMA workshop for the Potomac Forum. http://www.potomacforum.org/
Graydon’s blog: http://www.ascensionriskmanagement.com/BlogOne/
Papers and presentations: http://www.ascensionriskmanagement.com/BlogOne/paperspresentations/
Mike’s blog:http://www.guerilla-ciso.com/
Papers and presentations: http://www.guerilla-ciso.com/papers-and-presentations
The most relevant NIST publications are special publications 800-37 and 800-53, available here: http://csrc.nist.gov/publications/PubsSPs.html
About the Experts
Mike Smith
Michael Smith is a Manager in the Audit and Enterprise Risk Services organization of Deloitte & Touche LLP, where he leads engagements to provide security services to both commercial enterprises and government agencies. Prior to Joining Deloitte, Michael served as the Chief Information Security Officer with the Unisys Federal Service Delivery Center based in Reston, Virginia. His scope of responsibility included both providing governance and managing risk for several data centers, Security Operations Center, Network Operations Center, and Server Management Team.
Graydon McKee
Graydon McKee is the Vice President and Chief Operating Officer of Ascension Risk Management LLC. Graydon is an accomplished Risk Management/Information Security professional with extensive experience in developing and implementing Information Risk Management and Information Security Programs to clients in both the public and private sector. He is a recognized leader in government regulatory compliance (Federal Information Security Management Act and the Defense Information Technology Security Certification and Accreditation Process compliance) and has taught the process to over 2,000 individuals representing over 600 federal government agencies and offices.
Joe Faraone
Joe Faraone is a Senior Information Security Architect with GCI Corporation, based in Reston, Virginia with over 20 years’ experience in Information Security. Joe has delivered services for numerous Federal customers including Certification and Accreditation support, Security Governance Gap Analysis and Independent Validation and Verification (IV&V). Over his career, he has served as Lead Independent Security Engineer, Manager and Architect of a managed security center for an Intelligence Community Agency, and has performed Certification and Accreditation services for several high-assurance systems.
Podcast: Play in new window | Download (30.5MB)
Engage with Michael
-
Journey Into the Breach
