9.5 Management of Contravention Behaviors
Managers have the responsibility to be proactive in trying to prevent attacks from happening. One main avenue that managers have to be proactive is to ensure that employees do not omit security countermeasures, such as keeping operating system security patches up to date. In the event that an attack does occur, managers must respond quickly—with due diligence and with due care and with the guidance of legal counsel and the human resources department. We have already presented that security policies outline what precautions should be taken and the sanctions for violations of these policies or the law, that procedures should specify the necessary steps to implement the organization’s security countermeasures, ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
