Building a Security Framework: An Enterprise-Wide Endeavor
- Building a security framework must be a collaborative, organization-wide initiative, demonstrating how each person can do their part to ensure better security.
- A security framework also demonstrates due diligence and limits liability by making the regulatory process more efficient.
“A security framework builds the understanding that security goes across the board and that every person has a piece that they’re responsible for.”
Caleb Sima believes that security frameworks are valuable because they create an understanding across the organization of what is expected from not only the security team, as well as the risks they must manage, but how the entire company must be involved. “Security is embedded in every single part of the organization from application developers, to IT, to the business functions, to customer support. Security is everywhere,” he says. “A security framework builds the understanding that security goes across the board and that every person has a piece that they’re responsible for.” Accordingly, it shows how all of those pieces play a role in making the business more secure.