From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 3 Information Security Program
Alignment of security and business objectives
- [Presenter] Security objectives don't exist in an isolated bubble. They must coexist and interact with business objectives. The role of cybersecurity programs is to enable organizations to meet their business objectives while protecting the confidentiality, integrity, and availability of information and systems. To achieve this purpose, cybersecurity managers must have an intimate understanding of the business and they must work diligently to align security efforts with business needs. For example, let's consider a case where security and business objectives might be misaligned. Imagine the security program for an eBook publisher. An information security manager might look at this publisher, analyze industry best practices and decide to push a security policy that all access to corporate resources should require multifactor authentication. That's a common enough security practice and many organizations do…