11.4 Information and Cybersecurity Management
As has been discussed throughout this text, information system security is about technologies and the humans that use them. Therefore, technical security management has both organizational and system components. At the organizational level, we are interested in addressing the organizational concerns presented in the first section of this text—policies, law, security behaviors, and the like, whereas the system component is concerned with the technological countermeasures. At the organizational level, we need to develop and address the items in the configuration management plan. This includes creating a “culture of change management” through the establishment of an organization-wide SeCM program that ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
