Articles

Welcome to our articles page. You will find articles on various aspects of Information Security and Business Continuity promulgated here. This is done on an ongoing basis for free of cost for your education. We emphasize your cooperation to refrain from redistributing our content for commercial purposes without our prior written consent. However, you are free to use it for your personal (educational and research) purposes or to implement a certain roadmap or strategy in your organization.

 

We partner with CyAlpha — a Calgary-based Cyber consulting firm, to offer you the above services.

InfoSec Strategy, Core Series Rhonald John Rose InfoSec Strategy, Core Series Rhonald John Rose

Developing Information Security Strategy: Define your solutions, Part 2

Continuing from where we left off in the previous article, we discuss the DEFINE phase's remaining four goals.

Referencing your corporate goals is an important part step towards developing an effective InfoSec strategy. Once the alignment is satisfactory, you need to document the strategy for discussion. This strategy is not final since it should be discussed with your stakeholders before implementation. You should avoid providing concrete timelines for your strategy and instead adopt maturity levels. Furthermore, consulting with potential vendors will help you determine a realistic budget. When the strategy is approved, the programs will have a definite timeline and fine-tune the budget.

Read More