9.1 Security and Policies
We will take a break from the more technical aspects of information and cybersecurity for a bit and shift gears to look at organizational security behaviors and policies. A primary role for technology managers as far as security is concerned is to provide well-defined expectations for security behaviors. Part of this includes enforcing security policies. A security policy consists of rules and practices that govern acceptable security behaviors and serves as a foundation for the specifications of rules for systems and applications usage. As we discussed in the chapter on computer security, a system remains trusted by fulfilling and enforcing security policies and often the relationships between subjects and objects. ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
