Premium Content

Access "Information security maturity model"

Published: 19 Oct 2012

How well do your colleagues in other departments understand what security does? If executives had to grade how well you're doing as a function supporting the business, would they know what questions to ask? Last year, Forrester Research found that roughly half of all CISO or equivalent roles reported directly to C-level executives, yet we still see a significant number of these individuals struggling to articulate how security supports the broad organization. Operational metrics and compliance reports reflect performance to some extent, although the scope of these measures is limited, and they rarely address the interests of the business. To meet these challenges, security professionals should use a framework to evaluate the process maturity of all functions for which the security organization is responsible. Measuring process maturity takes the conversation out of the technology world and presents an assessment of how well you approach your different responsibilities. For example, using COBIT maturity levels, you can assess whether your incident response ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Does Windows 8.1 meet the demands of the BYOD age?
    windows_shopping_8-1.png
    E-Handbook

    The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...

  • Application security policy after Heartbleed
    ISM_0914.png
    E-Zine

    Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...

  • Devising a security strategy for the modern network
    countering_cybercrime.png
    E-Handbook

    The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...