PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2005

Layer 8: The security governance myth

The unified business approach to security is creating better risk management. Is all the current fuss about governance making our lives easier or better? Can we really expect new regulations to force businesses to become as secure as we think they should be? I'm skeptical about the utility of government processes that are created to save business from itself; however, whether it's regulations like Sarbanes-Oxley or standards like COBIT and ISO 17799, the governance movement, driven by both internal initiatives and government mandates, has encouraged--if not forced--security to align itself with business philosophy, operations and objectives. Security is finally becoming part of a unified framework that shares goals, methods and vocabulary with the rest of the enterprise. Governance improves security's ability to communicate and expands the opportunity for sharing lessons learned. This is good for us and good for business. From the security pro's perspective, this unified corporate framework promulgates two primary agendas: risk ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue