Which of the following is the BEST indication of a successful information security culture?
A. Penetration testing is done regularly and findings remediated.
B. End users know how to identify and report incidents.
C. Individuals are given access based on job functions.
D. The budget allocated for information security is sufficient.
A. Penetration testing is done regularly and findings remediated.
B. End users know how to identify and report incidents.
C. Individuals are given access based on job functions.
D. The budget allocated for information security is sufficient.