Data is a valued asset that can propel growth. How you collect and store it can create a risk profile you don’t fully understand—with potentially negative consequences. That’s why you need to assume you have toxic data until you can prove you can’t.
As protecting data becomes more challenging and complex, with new tools being introduced to the market seemingly daily, three simple, core cybersecurity basics remain the best weapon to combat threats.
The governance pyramid is built bottom-up with policy, standards, process, procedures, and guidelines. To be effective, the structure needs to be organized, consistent, and aligned with to policy and business need.
Security as a Process (SAAP) and the classification of information is fundamental to information security. This article, the second in a three-part series, looks at the "how" of information security and why it is so important.
Information security is a multifaceted field, covered with tempting baubles and sharp thorns. However, the unifying framework upon which the whole field is suspended is governance. This article, the first in a three-part series, looks at standards and policy—from why policies are needed and what needs to be done to support them.