Premium Content

Access "All Aboard!"

Published: 15 Oct 2012

Policy & Process To gain buy-in and support for your security policies, it's best to start at the top. A clearly written security policy that's supported by management, properly implemented by technical staff and complied with by users is the dream of every security manager. The real world, though, is a bit different. When asked by Information Security what's making their jobs harder, 58 percent of security managers pointed to user ignorance and policy noncompliance. Close behind were business units ignoring risk and threats (51 percent), and the lack of management buy-in and support (43 percent). Security polices aren't something that are written and put on a shelf to collect dust. They're living, dynamic documents that should embody the mission and operations of the enterprise. That means how the policy is created, implemented, communicated and enforced is just as important as what the policy says. Bridging the gap between policy intent and policy practice isn't difficult. Like most things in security, it's about process. Security managers can use some ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free