For an information security professional, one of the most important areas for an organization is building a corporate security culture. Building a security culture begins with the IS professional: being transparent and passionate about security, speaking about security initiatives at company meetings, and providing recurring security awareness talks.This grass-roots, bottom-up approach should be coupled with an increased focus on executives. Getting their support and buy-in is absolutely cri...
Read the full article