Chapter 38 Hosting Security Responsibilities
Each Technology owner needs to have a designated security point of contact (which could be the technology owner herself).
A security point of contact understands how the group or unit uses technology along with the efficacy of local security controls. In working with leadership, they balance the need to secure the business with the need to run the business effectively.
These security points of contact form a virtual team that may be called to respond to security incidents affecting the entire company. Have a process for convening the team and dealing with company-wide security emergencies. Who owns managing an emergency of that scope? How is it handled if that person is on vacation? What is the internal ...