A Chief Information Security Officer (CISO) of a large financial institution undergoing an IT transformation program wants to embed security across the business rapidly and across as many layers of the business as possible to achieve quick wins and reduce risk to the organization. Which of the following business areas should the CISO target FIRST to best meet the objective?
A) Programmers and developers should be targeted to ensure secure coding practices, including automated code reviews with remediation processes, are implemented immediately.
B) Human resources should be targeted to ensure all new employees undertake security awareness and compliance training to reduce the impact of phishing and ransomware attacks.
C) The project management office should be targeted to ensure security is managed and included at all levels of the project management cycle for new and in-flight projects.
D) Risk assurance teams should be targeted to help identify key business unit security risks that can be aggregated across the organization to produce a risk posture dashboard for executive management.
Correct Answer:
Verified