Security Should Be Business Focused, Says ISF

A security assurance program that focuses on business needs can help organizations meet the needs of business stakeholders, according to a new report released by Information Security Forum (ISF). The report, Establishing a Business-Focused Security Assurance Program, offers organizations ways to establish a security assurance program that takes a business-focused approach by “identifying how to move from current to future approaches, introducing three fundamental elements that underpin successful business-focused security assurance and describing a repeatable process to provide security assurance.” Given that implementation of security assurance programs vary significantly among businesses, the report is an effort to formalize the structure through four strategic objectives:

Read full article on Infosecurity