How to Design a Business Driven Security Program
A security program is comprised of many layers and operates best following a top-down approach as shown above. The top layers of a security program deal with strategy, risk and governance, whilst the lower levels deal with operational tasks. Two approaches exist for the design and implementation of a security program, top-down and bottom-up. […]