Page 63 - TSSC
P. 63
Drivers Minimizing Risk
Executive Leadership
Executive leadership must own and
publicly evangelize security as a high Detect
priority. To alert your organization to security
weaknesses before they become full-blown
Policy incidents, implement a system for
Regularly review security practices, categorizing incident-related information.
and control access points to networks
systems, applications, functions, Prevent
and data.
To minimize impact of breaches, encourage
Protocols employees to report failures and problems,
Regularly, formally and strategically and clearly communicate security processes
review and improve both security and procedures.
practices and connection activity on Minimized
the network. Mitigate
Implement and document exact procedures Risk
Tools for incident response and tracking. Inform
Put tools in place to enable users to and educate all parties on precise, step-by-
review and provide feedback on step crisis management response protocol.
security, and empower them to increase
security controls on high-value assets.
