TY - JOUR T1 - Editorial: Innovation Strategy and Practice (November 2018) JF - Technology Innovation Management Review Y1 - 2018 A1 - Chris McPhee KW - best practice KW - collaboration KW - creativity KW - cybersecurity KW - framework KW - information security KW - innovation KW - innovation ecosystems KW - maturity model KW - method KW - model KW - practice KW - research KW - research institutions KW - strategy PB - Talent First Network CY - Ottawa VL - 8 UR - https://timreview.ca/article/1194 IS - 11 U1 - Technology Innovation Management Review Chris McPhee is Editor-in-Chief of the Technology Innovation Management Review. Chris holds an MASc degree in Technology Innovation Management from Carleton University in Ottawa, Canada, and BScH and MSc degrees in Biology from Queen’s University in Kingston, Canada. He has nearly 20 years of management, design, and content-development experience in Canada and Scotland, primarily in the science, health, and education sectors. As an advisor and editor, he helps entrepreneurs, executives, and researchers develop and express their ideas. ER - TY - JOUR T1 - Information Security Best Practices: First Steps for Startups and SMEs JF - Technology Innovation Management Review Y1 - 2018 A1 - Urpo Kaila A1 - Linus Nyman KW - best practices KW - cybersecurity KW - information security KW - risk management KW - SMEs KW - startups AB - This article identifies important first steps toward understanding and implementing information security. From the broad selection of existing best practices, we introduce a lightweight yet comprehensive security framework with four useful first steps: identifying assets and risks; protecting accounts, systems, clouds, and data; implementing a continuity plan; and monitoring and reviewing. This article is intended primarily for startups and less mature companies, but it is likely to be of interest to any reader seeking an introduction to basic information security concepts and principles as well as their implementation. PB - Talent First Network CY - Ottawa VL - 8 UR - https://timreview.ca/article/1198 IS - 11 U1 - Finnish IT Center for Science (CSC) Urpo Kaila is the Head of Security for CSC – the Finnish IT Center for Science. His background in the information security industry, with long experience in handling security incidents as well as developing solutions for information security and data protection. He has been responsible to achieve the valued ISO/IEC 27001 information security management certification for CSC and is a steering committee member in security groups for some European Research Infrastructures, such as WISE and GÉANT SIG-ISM. Urpo holds the professional international information security certificates CISSP, GCIH, GCED, CISM, and ISO 27001 Lead Auditor. He also holds a Master’s degree from the Hanken School of Economics. His research focuses on best practices in information security and data protection. U2 - Hanken School of Economics Linus Nyman is an Assistant Professor at the Hanken School of Economics in Helsinki, Finland, and an Adjunct Research Professor in the Technology Innovation Management (TIM) program at Carleton University in Ottawa, Canada. He has lectured on a range of topics, including information security and privacy, information systems science, corporate strategy, and open source software development. His current research focuses on information security and privacy, which are topics he also covers in a blog for the Finnish daily newspaper HBL. Linus holds a PhD and a Master’s degree, both from the Hanken School of Economics. ER - TY - JOUR T1 - TIM Lecture Series – The Business of Cybersecurity JF - Technology Innovation Management Review Y1 - 2014 A1 - David Grau A1 - Charles Kennedy KW - analytics KW - banking KW - cybersecurity KW - hacking KW - incident response KW - information security KW - intelligence KW - targets KW - threats PB - Talent First Network CY - Ottawa VL - 4 UR - http://timreview.ca/article/785 IS - 4 U1 - TD Bank Group David Grau is Vice President and Head of Threat Response, Intelligence, and Defensive Technologies at TD Bank Group. David has more than 20 years of professional information security experience and leads a multi-national team of information security specialists, with a global responsibility for providing TD Bank Group's Security Incident Response, Threat Intelligence, and Defensive Technologies programs. U2 - TD Bank Group Chuck Kennedy is the VP for Credit Card Technology for North American Credit Card for TD Bank Group. He is responsible for technology service delivery, project management, and technology innovation for the credit card businesses for TD. Chuck has been a member of the CIO Association of Canada and has served on the Canadian Banker’s Association’s (CBA), Canadian Financial Institution – Computer Incident Response Team (CFI-CIRT). Chuck holds the CRISC designation (Certified In Risk and Systems Control) and was educated in the United States, Europe, and Canada. He holds a BA in Political Science (Business minor) from the University of Calgary and an MSc in Information Technology (Information Assurance) from the University of Maryland – University College. His graduate work involved the study of geo-spatial intrusion detection and its integration with complex event processing. ER - TY - JOUR T1 - An Enterprise Security Program and Architecture to Support Business Drivers JF - Technology Innovation Management Review Y1 - 2013 A1 - Brian Ritchot KW - cybersecurity KW - cyberthreats KW - information assurance KW - information risk KW - information security KW - risk KW - security architecture AB - This article presents a business-focused approach to developing and delivering enterprise security architecture that is focused on enabling business objectives while providing a sensible and balanced approach to risk management. A balanced approach to enterprise security architecture can create the important linkages between the goals and objectives of a business, and it provides appropriate measures to protect the most critical assets within an organization while accepting risk where appropriate. Through a discussion of information assurance, this article makes a case for leveraging enterprise security architectures to meet an organizations' need for information assurance. The approach is derived from the Sherwood Applied Business Security Architecture (SABSA) methodology, as put into practice by Seccuris Inc., an information assurance integrator. An understanding of Seccuris’ approach will illustrate the importance of aligning security activities with high-level business objectives while creating increased awareness of the duality of risk. This business-driven approach to enterprise security architecture can help organizations change the perception of IT security, positioning it as a tool to enable and assure business success, rather than be perceived as an obstacle to be avoided. PB - Talent First Network CY - Ottawa VL - 3 UR - http://timreview.ca/article/713 IS - 8 U1 - Seccuris Brian Ritchot is a Senior Information Security Consultant with Seccuris Inc, specializing in the implementation and delivery of intrusion-detection solutions, vulnerability assessment, network analysis, and security architecture. With 11 years of prior experience in the federal government, Brian has developed skills and expertise to support the detection, discovery, and mitigation of cyberthreat activity. Brian has led and managed several high-profile teams and projects to deliver operational security solutions that monitor and protect systems of importance to the Government of Canada. Brian now focuses his time in the private sector, helping a variety of customers across the critical infrastructure sector with their IT security needs. These activities span enterprise security architecture development, incident response and handling, vulnerability assessments, forensic investigations, and specialized IT security expertise to mitigate sophisticated cyberintrusions. ER -