Governance
1. Governance refers to the methods of organizing and managing the response team.
|
2. Governance plays an extremely important role in achieving the security objective of the organization not only for current needs, but also to ensure well-drafted mitigation plans for future challenges. To address current issues, the governance framework covers improvements to security policies; the implementation of technical controls; audits and assessments; and driving awareness among people to shape their attitude toward secure behaviors. For future challenges, the governance framework must continually focus on emerging threat factors, fast-moving changes in the technological landscape, people’s views and behavior and — perhaps most importantly — the work culture transformations being pushed by CAMS.
Source: (Binwal, 2015)
3. A comprehensive cybersecurity governance framework ensures that business objectives are reflective of risk tolerance and that the resulting policies and procedures are accountable.
Source: (SecureWorks, 2017)