Executive Buy-in, Cost, and Impact
Ultimately you will need senior managers’ formal buy-in and support for any costs they need to incur. When dealing with executive management, define expectations clearly. Senior executives generally have little time to create specific strategies. They expect well-defined security approaches and recommendations. You might need their input on undecided key issues. However, executives expect you to do your homework and to engage their teams. You should have already spoken to their staffs and worked out most of the details. When a CISO is in front of an executive to talk about implementing security policies against a target state, it should be a short conversation. The conversation should focus on “This is our ...
Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
