The waterfall approach to building systems has passed its prime.
How should Security Management deal with this?
Security is a quality of information. Structures for upholding quality must align with practices of the enterprise. If business calls for flexibility, Security Mgmt should enable robust systems through usable structures, in accordance with how the organization chooses to govern and manage itself.
Is this a challenge? You bet.
Can Security Mgmt be agile? To stay relevant, it must.
