Senior management with proper authority provides support for the cybersecurity program, at least in an ad hoc manner
Context and Guidance: Having material support from senior management is necessary for implementing a cybersecurity program. The fundamental forms of support are providing resources (people, tools, and funding) and authority to perform cybersecurity activities. To provide such support, the senior managers themselves must have sufficient and relevant authority.
Related Practices • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: PROGRAM-2a, PROGRAM-2c, PROGRAM-2d.