Security and the business: the need for an adaptive security management architecture

The adaptive security management architecture (ASMA) seeks to take advantage of existing security practices and build upon them to promote the value of security to the business and to ensure a meaningful security posture. The ASMA is as much about the business and the security organization operating as a business unit as it is about security, risk, and compliance. There are many facets to the ASMA to achieve this, including capability maturity, applying security through services, and performance, security, and quality measurements that combine to ensure effectiveness and efficiency. Moreover, the characteristics of the ASMA provide clear visibility into operations and security that ultimately translate to adaptability and enabling the business.