Wed. Jun 29th, 2022

Business News on the Fly

What Are Information Security Responsibilities?

Information Security Responsibilities are central to the Information Security profession. Some technical responsibilities include designing secure software or rescuing encrypted files. Other responsibilities are managerial, such as ensuring that policies are in place and followed by staff members. Yet other responsibilities involve communicating with non-technical audiences about information security risks and controls — something we call “security awareness” and also “secure communications.”

In any setting, professionals with information security responsibilities need to know which of their many tasks are most important, how they relate to other people’s work, and how much time should be spent on each. Many organizations have been through a process called the “security life cycle;” others haven’t. Information security professionals need to know as much as possible about how their organizations acquire, store, transmit and use information — not just who has formally been given roles and responsibilities. They may also find it helpful to understand their organization’s culture, particularly any assumptions about what is normal or deviant behavior.