Fork me on GitHub

Culture and Org. -> Education and Guidance: Regular security training of security champions

Risk and Opportunity

Risk: Understanding security is hard, even for security champions.
Opportunity: Regular security training of security champions.
Evidence:

Exploit details

Usefullness: Medium
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Low

OWASP SAMM 1 Mapping: EG2-B
ISO27001:2017 Controls Mapping: