Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This discussion opens identifying key senior management roles within the organization and what those relationships are to corporate security and interactions with you as a CISSP. We'll discuss at length the responsibilities of steering committees, how to identify the Data Owner and distinguish its role from the Data Custodian, and review the role and responsibility of Network Administrators (availability) relative to the Security Administrator (security). We look in detail at the role of Data Classification, how it's classified, who classifies it, how its value is determined and those relationships to data control, and asset valuation. Then we'll examine the best way to implement a Delphi analysis and what the weakest links are in your security process, and why it's important to "thoroughly" train your team for effective Knowledge Transfer. We'll explain it critical to help end-users understand the "why" behind security policies, and give an example of what happens when they don't the the purpose of a given restriction. And finally, you'll learn the reasoning behind question that focus on "purpose" and what is means to encourage desired behavior.