Larry Ponemon

@micshasan Thanks amigo! It was nice to Tweet with you today!

Thank you for a lovely chat! I look forward to Tweeting again. Be well! #infosecchat

@BeverlyMacy @iSecure_LLC @IBMSecurity Data is the new currency #infosecchat

A7 Enterprise risk management should own the BCM and the CISO roles. BCM and CISO should be joined at the hip. #infosecchat

@gregdyche The wrong culture can make the CISO role a living hell. #infosecchat

@jaleakyel @IBMSecurity @IICIstanbul Anything that causes downtime or business disruption diminishes reputation. #infosecchat

@gregdyche Number one is technical excellence. Two is the ability to understand the business. Three, communication skills #infosecchat

@PaulRob35443448 @IBMSecurity Good point. The planning for physical incidents is likely to be 80% of what you need for cyber #infosecchat

If you don't have a structured remediation plan, get one. Consultants can help. #infosecchat

A5 The best way to reduce recovery time is to have a structured remediation plan in place. #infosecchat

@iSecure_LLC @smarterleaders Creating an interdepartmental security team is difficult to get off the ground, but worth doing. #infosecchat

@micshasan Agreed! #infosecchat

@BeverlyMacy @micshasan Good question. I think there are mega breaches that do go undetected (ignorance is bliss) #infosecchat

@micshasan Hi Colin, The Target breach is a rare event. These rare events appear to be more likely these days. #infosecchat

@smarterleaders For companies that don't have a CISO, shame! #infosecchat

A4 The CISO needs to lead the CSIRT. The CIO should be supportive of the process, but not the leader. #infosecchat

@TechJournalist I am big fan of IPS/WAF, Next Gen firewalls . . . #infosecchat

@gregdyche Will do. We are still working on it. #infosecchat

@JeffMarinstein @TechJournalist Good point #infosecchat

@TechJournalist Thanks for these excellent questions and comments #infosecchat