| |June 201819CIOReviewvery organization, to-day, is undergoing a transformational jour-ney owing to the tech-nological advances wherein, information and data are be-coming the most valuable assets. This data, like any other valuable asset, is exposed to potential cyber threats and risks that could lead to financial losses and must be protected. Organiza-tions are not only seen to experience increased risk susceptibility but are also investing in setting up a security framework to avoid being exposed to such risks.Enterprise Information Security Management­ Not a technical solution anymoreEnterprise Information Security Management is no longer considered as simply a technical solution now. It is as significant as a business function in any industry today. However, in-vesting money on information secu-rity does not prove that organizations are doing enough to ensure enterprise wide security is assured. In my view, organizations and technology teams investing and setting up firewalls and assuming that we are secured is not sufficient. In addition to this, having a formal education in the organiza-tion and defining a formal Enterprise Risk Management process is becom-ing increasingly critical to measure maturity of information security in organizations.Investing in creating an Enter-prise Information Security Policy is a good way to ensure that a security framework has been defined to initi-ate as well as control the implemen-tation of all kinds of information security practices. The primary ob-jective of the policy is to ensure that an organization's information and all other related processes and facilities EWHY YOU SHOULD CHECK THE MATURITY OF YOUR INFORMATION SECURITY SYSTEM REGULARLY?By Subramanya C, Chief Technology Officer, Hinduja Global Solutions (HGS)CXO INSIGHTS
< Page 9 | Page 11 >