Security Frameworks Require a Focused, Dedicated Approach
- Security frameworks should always be aligned with the business, particularly when an organization is working with limited resources.
- To be effective, the controls have to be actively integrated and used in the IT environment. They must become an important part of the business and security practice.
“A security framework helps information security experts achieve their own objectives while also aligning them with business objectives.”
According to Jayesh Patel, every security framework should be closely aligned to the business. “A security framework helps information-security experts achieve their own objectives while also aligning them with business objectives,” he says. As chief information security officer (CISO) at Save the Children International, Jayesh and his team concentrate on providing cost-effective information-security solutions so that they do not cut into the funding for the organization’s core mission of promoting children’s well-being. Using this approach, they can still provide the essential IT resources to staff who are charged with delivering programs.