Security governance is a process for overseeing the cybersecurity teams who are responsible for mitigating business risks. Security governance leaders make the decisions that allow risks to be prioritized so that security efforts are focused on business priorities rather than their own. They also govern the interplay of mitigating identified business risks, addressing internal and external threats, and dealing with compliance.