A successful enterprise cybersecurity program begins with policy that is unambiguous, well organized, well maintained, and that balances the enterprise's security needs against its business priorities. It is important to organize this policy so that it is easy to write, understand, and maintain over time. Cybersecurity policy establishes the foundation upon which the enterprise's cybersecurity program is built, and represents a contract between the enterprise's cybersecurity practice and the business. Through cybersecurity policy, the business and cybersecurity agree on the ways and extents to which cybersecurity will be used in the business to practically implement and enforce protections of intellectual property and information system assets.
CITATION STYLE
Donaldson, S. E., Siegel, S. G., Williams, C. K., & Aslam, A. (2015). Sample Cybersecurity Policy. In Enterprise Cybersecurity (pp. 335–351). Apress. https://doi.org/10.1007/978-1-4302-6083-7_19
Mendeley helps you to discover research relevant for your work.