The Importance of a Security Program, that program headed by a CISO, and sitting at the C-level are all contributing factors to success.

A Security plan/program IS a business plan no different than your financial plans.

Even using a consultant or Virtual CISO (VCISO) is better than no plan at all.

via County Officials Didn’t Protect Computer Systems from Obvious Hacking Risks, Auditors Say | Voice of OC