Security exceptions are the norm
Do you know who is causing the most exceptions — and why?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Related Stories: Cybersecurity for Executives
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
My last post in my series on Cybersecurity for Executives was about security policies. The next logical question pertains to exceptions. How many exceptions has the organization granted to your security policies? How much do they increase the chance an organization suffers a data breach?
Ideally, a security team writes a perfect policy, and everyone follows it precisely because it is the right thing to do. Anyone working on or with a security team in a large organization knows this does not happen! Exceptions happen.
Rather than defining a policy and expecting everyone to follow it in all circumstances, plan for exceptions in advance. How will people request policy exceptions? Will approval be automatically granted, and the exception…