The Information Security Policy Must Be Marketed To Employees

first_imgDon’t assume people will read the security policy!Just because the policy is posted, does not mean everyone will read it. Listen to the Audiocast:Policy, like any other communication, must be marketed.  It is the role of the security professional to show the end-users the value and how it helps them.   Make it personal.References: SANS.org blog: How to Suck at Information Securitylast_img

Leave a Reply

Your email address will not be published. Required fields are marked *