To understand how organizations create effective safeguards against
risk, we need to examine what drivers affect their ability to prevent,
detect, and mitigate risk. (See Figure 68
.) The drivers must include these elements:
- Executive leadership: The
top leadership must prioritize security. This is critical for the
mitigation of attacks, as well as their prevention. The executive team
should also have clear and established metrics for assessing the
effectiveness of a security program.
- Policy: Policy has
strong ties to mitigation. Controlling access rights to networks,
systems, applications, functions, and data will affect the ability to
mitigate damage from security breaches. In addition, policies to ensure a
regular review of security practices will help prevent attacks.
The right protocols can help prevent and detect breaches, but they also
have a strong relationship to mitigation. In particular, regular
reviews of connection activity on networks, to ensure that security
measures are working, are key to both prevention and mitigation. It’s
also beneficial to review and improve security practices regularly,
formally, and strategically over time.
- Tools: The
judicious and appropriate application of tools has the strongest
relationship with mitigation. With tools in place, users can review and
provide feedback that is vital to detection and prevention as well as