Knowing how to address those emotional responses can help security administrators leverage support for security, and Boston University realized in the aftermath of its breach that the community was ready to get better at security.
Shamblin instituted two-factor authentication for faculty and staff at Boston University, but he offered this advice: "Research solutions that you know you need. CISOs need to be aware of their own institutions' weaknesses. If you can get the money for resources before something happens, do."
Sign up for CIO Asia eNewsletters.