How do we know if the CISO’s security program has accounted for all the components to be effective? This session will draw on the work in the 1980s by two McKinsey consultants (7-S Framework) and applies it to building and sustaining the cybersecurity program to ensure we have accounted for strategy, structure, systems, skills, style, staff and shared values. The talk will look at each of these components.
1: Apply the 7-S organizational effectiveness model to the cybersecurity program practices.
2: Determine which, if any, 7-S components have “more bang for the buck.”
3: Identify the gap areas in their programs.
Some knowledge of the functions of a cybersecurity program and a few years experience in the field would be helpful.