All information security professionals around the globe acknowledge that "everyone is responsible for information security" in a company. This trivial statement looks clever but hides core challenges, "Who is everyone? How does everyone contribute or challenge information security?" In our researched project we researched in-depth roles, processes and interaction in the corporate information security, by creating a framework for crystal clear defined roles and its associated security obligations and responsibilities. 20 corporate roles are analyzed from management and security perspective;...
All information security professionals around the globe acknowledge that "everyone is responsible for information security" in a company. This trivial...