A Pragmatic Information Security Program for Small Institutions

When no one has "information security" in their job title, how can a small institution develop (and maintain) a reasonable IT security profile? An institution's information security profile is increasingly important, and it's not just IT's problem anymore. But for smaller institutions with limited resources, effectively implementing a security program can be a real challenge. The goal of this session is to provide those who have ownership of information security oversight with a pathway to implement a security program with controls that are reasonable, sustainable, comprehensive, and effective—and with resources that probably aren't tagged just for security.