Security Awareness Training and Privacy

An organizationÂ’s security policy sets the standard for the way in which critical business information and systems will be protected from both internal and external threats. Defining a security policy is an opportunity for an organization to simultaneously define and refine its collective attitude to both its internal operations and external relationships, and, as such, embraces all aspects of the organization's operations, not just those directly impinged by "IT". (Lightfoot) Security policy must adapt to changing needs within the organization. Personnel responsible for creating and maintaining the security policy must learn to recognize changes in technology that impact security and how those changes impact the organization and the people who work for the organization.

Tags:

Read the complete paper at SANS