Information Security: Moving Beyond the "Office of No"

As tempting as it may be to say "No, we can't do this" at times, the effectiveness of information security will be measured not only by how effective we are at preventing security breaches but also by our contributions to achieving institutional goals. Information security provides essential risk analysis that allows management to make informed decisions about technology and information security. Increased use of technology is not optional—the cloud is here to stay, and institutional data will continue to move to third-party service providers. Information security needs to be seen as "Let's see how can we make this work" rather than "No, it can't be done." During this session, we will explore alternatives and approaches available to information security professionals to move from perceived "roadblocks" to nimble, flexible, and accessible partners in meeting institutions' changing missions of instruction, research, patient care, and community service.

OUTCOMES: Realize the tie between preventing security breaches and achieving institutional goals * Discover how to make informed decisions using risk analyses * Explore how to move forward in making the cloud a reality