Posts

Showing posts with the label policy

Strategic Cybersecurity Thinking

Image
Strategic Cybersecurity Thinking The ability to come up with effective plans in line with an organization's objectives within a particular cybersecurity situation. Strategic thinking helps cybersecurity managers review policy issues, perform long term planning, set goals and determine priorities, and identify potential risks and opportunities. Clearly, there needs to be a clear strategy as to what needs  to be done with respect to security. Such a strategy should determine the policies and  procedures. However in practice rarely a strategy for security is created. Most emphasis  is placed on policies, implementation of which is generally relegated to the lowest levels.  Rather it is assumed that most people will follow the policy that is created.  A strategic cybersecurity programme does not begin with tools and tactics, but with an articulation of one or more programme goals. Sun Tzu once said in The Art of War: “If you know the enemy and know yourself, yo...