Our company has a limited software
security team embedded in the developers group, a desktop security group within
the network team and physical security within building security. However, we
have no overall security policy to tie all our security experts together.
Is it important that they work
together in the same department, or should we just establish good lines of
communications between them so they don't just point fingers at each other when
a security breach happens?
-- Michael G., Security Analyst