{"title":"坚持以结果为本的网络安全方针","authors":"Paul Brucciani","doi":"10.12968/s1353-4858(23)70046-9","DOIUrl":null,"url":null,"abstract":"Cyber security is often seen as an activity separate from an organisation's main business processes. It is something that only comes to the fore when an incident occurs – which may be too late. And this can create a gap between the true security needs of the organisation and its security posture. In contrast, outcome-based security creates direct links between business goals and security requirements.","PeriodicalId":100949,"journal":{"name":"Network Security","volume":"214 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Embracing an outcome-based approach to cyber security\",\"authors\":\"Paul Brucciani\",\"doi\":\"10.12968/s1353-4858(23)70046-9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber security is often seen as an activity separate from an organisation's main business processes. It is something that only comes to the fore when an incident occurs – which may be too late. And this can create a gap between the true security needs of the organisation and its security posture. In contrast, outcome-based security creates direct links between business goals and security requirements.\",\"PeriodicalId\":100949,\"journal\":{\"name\":\"Network Security\",\"volume\":\"214 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Network Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.12968/s1353-4858(23)70046-9\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.12968/s1353-4858(23)70046-9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Embracing an outcome-based approach to cyber security
Cyber security is often seen as an activity separate from an organisation's main business processes. It is something that only comes to the fore when an incident occurs – which may be too late. And this can create a gap between the true security needs of the organisation and its security posture. In contrast, outcome-based security creates direct links between business goals and security requirements.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
