The top-down approach to security is when an information security program moves ahead with management approval. The appropriate security funding is secured and there is a proper plan and direction towards the program. This approach is more efficient and generates better results. In short, the top-down approach is a more active and serious approach to security.
In contrast, the bottom-up approach to security is a reactive approach to solving information security concerns. Only after there has been a data breach or several hacking incidents does the company decide to act. This approach will only generate “stop gap” results and not long term results.
Click on a star to rate it!
Average rating / 5. Vote count:
Let us improve this post!
Thanks for your feedback!
Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.
She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂