Every organization with information systems or data has a business objective of protecting its critical information systems and sensitive data. In the past, information security protection was viewed as an unknown art practiced by the “techies,” but the numerous major breaches and information security events that have taken place have made protection of information systems and data among the top concerns in the C-suite.

In a 2015 survey by PricewaterhouseCoopers, almost 45% of CEOs in the United States rated their level of concern about cyber threats and lack of data security as “extremely concerned.” A total of 86% (up from 69% in 2014) of the same executives expressed that they were either “somewhat concerned” or “extremely concerned” ...

Get Information Security Policies, Procedures, and Standards now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.