CHAPTER 12: INFORMATION SECURITY GOVERNANCE

This is a much harder sell but, if the board can be brought to understand that it has a governance responsibility in respect of information security, you will have made the task of selling future information security investment proposals that much easier for yourself.

Here’s the argument:

The availability, integrity and confidentiality of its data are fundamental to the long-term survival of any 21st century organisation. Unless the organisation takes a top-down, comprehensive and systematic approach to protecting its information, it will be vulnerable to a wide range of threats, including cyber crime and cyber terrorism, data leakage and insider attacks. These threats are a ‘clear and present danger’ ...

Get Selling Information Security to the Board now with the O’Reilly learning platform.