People—Administration
Everyone in the company needs to play a role for the information security program to be successful. The CEO needs to set the overall tone for the company, and each employee needs to have a basic understanding of security and must raise potential issues to management. If everyone in the company relies entirely upon the information security staff, the program will fail.
Executives need to understand the overall priorities of the program and ensure that it is meeting its objectives within their organizations. They should hold their staff accountable for meeting these objectives and evaluate the security program against other priorities for their organization when making critical resource decisions.
Security policies will impose ...
Get Executive Guide to Information Security, The: Threats, Challenges, and Solutions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.