5.1 Managing Information Security
Managing information and cybersecurity has often been an afterthought. Methods such as DevSecOps have strived to better integrate the security processes into the continuous integration and continuous deployment (CI/CD) loop. It’s a good first step, but integrating information security management into the entirety of the planning and design processes is also needed, both at the strategic and tactical levels. The information security management life cycle (ISML) is another important set of processes to help ensure security integration. Managing information and cybersecurity begins with analyzing the security problems. Part of this involves doing risk assessments and establishing appropriate risk management procedures; ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
