Risk Management Through Security Planning: Lessons from a CIO and CISO

by Patty Patria and David Sherry, EDUCAUSE Review

By addressing policy, looking at business processes, assessing risk, reviewing roles, and applying the appropriate responsibilities, you can reduce your risk and help your institution become more secure. The first step is to create an advisory committee that includes representatives from across campus, then implement the appropriate policies to manage risk and compliance. After working with your people and processes, technology has a role to play in preventing and detecting breaches. Cybersecurity insurance and an effective incident response plan help address breaches when they occur, but most important is weaving the security mission into everything your institution does.


Share on Facebook

Comments are closed.