Chapter 12
Cybersecurity Governance
and Security Measures
12.1 Understanding the context
A strategic vision
At the start of the 21st Century, most large organizations – and many smaller
ones – have accepted the importance of facing up to the challenges of cyberse-
curity. They no longer view security strategy as merely an unstructured selec-
tion of security tools; instead, it is widely viewed as an ongoing management
process.
Approaching security through a dynamic management process that con-
tinuously adapts and improves solutions helps an organization deal with the
dynamic nature of security risks.
The goal of ICT security governance is to ensure that organizations use
the most suitable security measures at each given place and time regarding ...