Agree and disagree
The left-tackle being the corporate body is dead on. I have seen signs of "We want you" Uncle Sam with the text reading "Who is responsible for security? YOU ARE!" I disagree on who the Quarterback is. I always tell my customers that IT Security is made up of a hybrid between an IT pro and a Security pro and must be worked as a matrix business model (which is ugly, I know). The IT Security should report to the security dept. management directly. Furthermore, they should have the authority to direct the IT Dept. on matters of Information Assurance and IT Security.