Jennifer Bayuk, an information security specialist and former CISO at Bear Stearns & Co., discusses what governance means to a security organization. Bayuk: It all comes down to the tones being set at the top. The six key elements are policy, strategy, awareness, implementation, monitoring and remediation, and monitoring are key to good governance, Bayuk says. Security managers have always followed the same types of ways of getting things done that other IT managers and managers in general have.”]
Source: https://www.cuinfosecurity.com/good-governance-how-to-be-security-leader-a-957