28 Posts

Derek Brink

VP & Research Fellow, IT Security and IT GRC, Aberdeen Group

Derek Brink helps individuals to improve their critical thinking, commuication skills and leadership skills by teaching graduate courses in information security and IT management at Brandeis University. He also helps organizations to improve their security and compliance initiatives by researching, writing about and speaking about the people, processes and technologies that correspond most strongly with leading performance, as part of his role as vice president and research fellow at Aberdeen Group, A Harte Hanks Company. Derek Brink helps individuals to improve their critical thinking, commuication skills and leadership skills by teaching graduate courses in information security and IT management at Brandeis University. He also helps organizations to improve their security and compliance initiatives by researching, writing about and speaking about the people, processes and technologies that correspond most strongly with leading performance, as part of his role as vice president and research fellow at Aberdeen Group, A Harte Hanks Company. He is experienced in high-tech strategy development and execution, corporate / business development, product management and product marketing, through positions at RSA Security, IBM, Sun Microsystems, and Hewlett-Packard. Derek earned an MBA with honors from the Harvard Business School and a BS in Applied Mathematics with highest honors from the Rochester Institute of Technology.

Written By Derek Brink

The Information Security Leader, Part 1: Two Distinct Roles, Four Fundamental Questions and Three Persistent Challenges

An information security leader today needs to fill multiple roles and be capable of addressing new challenges related to managing risk.

Health Care Security: Midyear Checkup on Security Trends

Predictions for health care security in 2016 were grim. What can we learn about the industry and its risks at this midyear checkup?

A Strategy Map for Security Leaders: Taking the Next Step — Linking Strategy and Execution

The strategy map for security leaders lays out ideas about the future of information security and how organizations can get there.

A Strategy Map for Security Leaders: People, Processes and Technologies

The strategy map covers the people, processes and technologies the information security team needs to achieve its most critical operational capabilities.

A Strategy Map for Security Leaders: Critical Capabilities for the New-School CISO

The strategy map for security leaders highlights the critical capabilities today's CISOs should have, ranging from technical prowess to people skills.

A Strategy Map for Security Leaders: How CISOs Should Strive to Be Perceived by Key Stakeholders

The strategy map for security leaders emphasizes the importance of CISOs bridging the gap between technical expertise and traditional business operations.

A Strategy Map for Security Leaders: Information Security’s Value to the Organization

Information security professionals can use a strategy map to help answer one critical question: What value do they provide to their organizations?

A Strategy Map for Security Leaders: Applying the Balanced Scorecard Framework to Information Security

Security leaders need to implement a strategy map for cybersecurity if they hope to achieve their organizational goals and lock down important information.

Self-Improvement Agenda for CISOs: Communicating the Business Value of Security

When conveying the business value of security, CISOs must remember that awareness isn't understanding, silence isn't approval and some metrics don't work.

Self-Improvement Agenda for CISOs: Four Types of Business Value, Two Types of Risk

Risk management doesn't always get the investment it deserves, often because security and IT professionals misinterpret their objectives for the company.