System and Communications Protection System and Information Integrity System and Services Acquisition

Security policy defines what the business believes is the best way to secure itself. It defines access to resources, user behavior, etc.

Security services are technical implementation of security policies

The idea is that people in technology should also be the same people doing security https://searchcio.techtarget.com/feature/Why-a-CISO-CIO-reporting-structure-undermines-security

https://www.reddit.com/r/Futurology/comments/v5rpj9/apple_google_and_microsoft_agree_to_adopt_the_new/

UTM (Unified Threat Management)

passwordless