Security is inextricably linked with electronic and human processes. Yet process is one of the most difficult things to enforce with any degree of reliability or effectiveness. This in itself can be a threat agent. The flow of information is too rapid and voluminous to address in the traditional way, which calls for a wholesale shift in thinking about the process of security management.

A security policy is only as good as the paper it is written on unless the procedures that support that policy are able to be enforced in reliable, effective and consistent ways. For the users, that may mean leading them through a very linear process that culminates in a logical end. For the security response team, that may mean a multidimensional workflow with lots of “choose your own adventure” variables along the way, dictated by different types of security events and the weighted risk of assets involved.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access