information-security-strategy
Installation
SKILL.md
Information Security Strategy Skill
Purpose
Defines the information security strategy framework for Hack23 projects, integrating risk management with compliance requirements.
Security Strategy Pillars
- Governance — Policies, procedures, roles
- Risk Management — Identify, assess, treat risks
- Compliance — ISO 27001, NIST CSF, CIS Controls
- Operations — Monitoring, incident response
- Assurance — Audits, testing, continuous improvement
Risk Management Process
- Context — Scope, stakeholders, criteria
- Assessment — Identify, analyze, evaluate risks
- Treatment — Accept, mitigate, transfer, avoid
- Monitoring — Continuous risk review
- Communication — Stakeholder reporting