8.1 Security Models versus Policies
In this chapter, we are narrowing our look at information and cybersecurity specifically to computer systems, ignoring network security for the most part, for now. Recall that a primary role for technology managers, as far as security is concerned, is to provide well-defined means of identifying, monitoring, mitigating, and managing security risks. This includes oversight of members in the organization who are responsible for taking the appropriate actions. Viewed traditionally, it may seem as though security is only a technological problem by the concentration on techniques and technologies for creating better defenses and using criteria in performing risk analyses and the application of security countermeasures, ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
