Preface

Information security has become a global challenge that is impacting organizations across every industry sector. C-Suite and board level executives are beginning to take their obligations seriously and as a result require competent business-focused advice and guidance from the organization's information security professionals. Being able to establish a fully developed, risk-based, and business-focused information security program to support your organization is critical to ensuring your organization's success moving into the future.

In this book, we will explore what it takes to establish an information security program that covers the following aspects:

• Focusing on business alignment, engagement, and support
• Utilizing risk-based methodologies
• Establishing effective organizational communication
• Implementing foundational information security hygiene practices
• Implementing information security program best practices