With limited resources in the information security department, which of the following is the BEST approach for managing security risk?
A . Implement technical solutions to automate security management activities.
B . Prioritize security activities and report to management.
C . Hire additional information security staff.
D . Engage a third-party company to provide security support.
Answer: B