Posted by ed_maverick in Information Security | 0 comments
Given the growing importance of information and data for organizations, worldwide, one would think that it’s protectors would be given sufficient power, if not the proverbial free-hand, to implement necessary security measures. We say this because Information Security professionals already have a humongous task of fighting and protecting the organization’s information assets against plethora of threats. Moreover, the nature of the field is such that they have to keep themselves updated with latest trends, technologies, certifications etc. Does it, then, justify to pile on the burden of convincing the Senior Management and Board of Directors (who are already aware of these issues and understand their importance) for implementing new security measures? Does it?