The key component of any strategic security program is its overall focus on the enterprise's critical assets. Processes, procedures and tactical operations must be driven by strategic goals based on your critical assets to ensure that the security program is in step with the enterprise's business needs. As a result of this alignment with business needs, a strategic security program will enable business and provide tangible metrics to demonstrate its effectiveness.
In an asset-based security program, the information gained by each operational process is tied to the relevant assets. By focusing on the critical assets that your security program is in place to protect, you put in place an underlying foundation that individual security processes can link into. In doing so, you allow these individual processes to integrate with each other with assets being the "common ground" among them. Think of your assets as being the "glue" that holds together a strategic security program, allowing the information gained by one individual process to be readily utilized to by the other processes. And by enabling the flow of information between security processes that are typically isolated "information silos," you set in place the mechanism that drives continuous improvement across your entire security program.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.