Security Essentials for Project Managers: Protecting Email and Mobile Devices


By Neil Farquharson

Dallas, Texas, USA


Cyber-crime and espionage attacks your employers’ or clients’ reputation, profitability and future. Still somewhat quaintly referred to as “hacking,” these threats are now foremost in corporate strategic thinking. With the security breaches at the U.S. Office of Personnel Management, Sony, Home Depot and many others, and the Edward Snowden revelations about message interception, senior executives are realizing that data security is no longer an issue to be decided solely by the IT department. It is a decision to be made and budgeted for in the boardroom. Project managers have unprecedented access to all levels of an organization including the C-Suite, and so not only have an influence over the design of business security processes, but also may be called upon at short notice to brief senior executives on data security issues, and even to make recommendations.

This paper seeks to identify vulnerabilities for corporate data loss and finds that data in transit across the public Internet and via mobile devices are the main mediums for data interceptions. It also highlights process weaknesses and human behaviors that expose these vulnerabilities.


Executive boards across all industries continue to struggle to understand cybersecurity risks. According to a recent survey, just 11% of board members say they have a “high level” of knowledge about the topic.1 While an earlier study by the National Association of Corporate Directors yielded the results graphed in Figure A. These were the ratings board level directors gave themselves around the time that the Anthem and other high profile data breaches were elevating concern about cybersecurity risks firmly into the boardroom.


Source: National Association of Corporate Directors

Figure A. How directors across sectors rated their own knowledge of cybersecurity risks

No More Complacency

Until recently, senior executives and boards of directors have often been complacent about the risks posed by data breaches and cyberattacks. However, there is an obvious growing concern about the potential damage to brand reputation, class-action lawsuits and costly downtime that is motivating executives to pay greater attention to the security practices of their organizations. No longer can the C-Suite leave security issues up to the IT department. They are hiring CISOs (Chief Information Security Officers) as fast as they can find qualified candidates; and paying increased salaries to attract them. Often they seek informed opinion from any third-party professional contact with knowledge of security issues, and project managers can find themselves being asked to offer such opinion. Although there is a multitude of cybersecurity risks, project managers should make themselves aware of the three major agents that cause breaches, and the vulnerabilities that can be exploited, or innocently compromised.


To read entire paper (click here)

Editor’s note: Second Editions are previously published papers that have continued relevance in today’s project management world, or which were originally published in conference proceedings or in a language other than English. Original publication acknowledged; authors retain copyright. This paper was originally presented at the 9th annual University of Texas at Dallas Project Management Symposium in Richardson, Texas, USA in August 2015. It is republished here with the permission of the authors and conference organizers.



About the Author

pmwj40-Nov2015-Farquharson-PHOTONeil Farquharson, PMP

Technology Evangelist

Texas, USA



As Technology Evangelist for Zix, Neil Farquharson takes technical subjects and distills them down into easily understandable summarized forms. A former soldier, engineer and operations manager, he relocated from the U.K. to the U.S. in 2003. Since then, he has been a regular speaker at IT security and telecoms events.

Mr. Farquharson holds degrees from the University of Glasgow and the University of Texas at Dallas. He lives in Dallas with his wife and children.

Neil can be contacted at [email protected]