Definition of Security Management
the set of functions (a) that protects telecommunications networks and systems from unauthorized access by persons, acts, or influences and (b) that includes many subfunctions, such as creating, deleting, and controlling security services and mechanisms; distributing security-relevant information; reporting security-relevant events; controlling the distribution of cryptographic keying material; and authorizing subscriber access, rights, and privileges.
|
|
Security Management
|
|
A Security Guide For Acquiring Outsourced Service
Outsourcing is not an abdication of the organization's security responsibilities to an external contracting vendor. While leveraging on the economies of scale and technical expertise of the supplier, the organization needs to make sure that the outsourced IT project or service does not introduce security problems or vulnerabilities to the already-functioning internal systems, business processes and operations. This guide is an attempt to collate all security requirements relating to outsourcing, for which organizations seeking outsourcing should actively look into.
Read the Article
|
Corporate Security Summary Template
This word template can be used to give management an overview of an organizations secuirity posture. It covers the top risks as well as mitigations for them. Ongoing security related projects, and other general security metrics.
Read the Article
|
Selling Security To Management
As with all problems of this nature, this problem is the result of a failure to communicate with management. While I realize this is not your typical topic for a SANS discussion, it is important to our credibility as professionals because, if we cannot effectively communicate with those who control our success, then we will continue to be relegated to our present role in the organization. The better we are able to communicate our issues to management, the more likely it will be that management will respond positively to our issues. This document will help you understand how to create presentations that will engage management and will discuss the common presentation pitfalls that befall technology people.
Read the Article
|
Modeling the Silicon Curtain
This paper will present the available range of modeling and simulation capabilities in Information Assurance. It will also establish some principles for extending these capabilities into the community. It will do this by establishing a case for utilizing more simulation in our discipline, reviewing past modeling & simulation efforts within Information security, reviewing the traditional types of modeling and simulation methodologies, addressing capability and experiences in computer modeling within other areas such as telecomm and economics, and providing a framework for future computer based modeling and simulation efforts in Information security.
Read the Article
|
Privacy: A Study of Attitudes and Behaviors in US, UK and EU Information Security Professionals
As technology continues to modify the ways in which information of all types is stored, analyzed and exchanged, concerns related to privacy are growing. At the same time, the very concept of privacy is highly subjective, varying culturally as well as organizationally. In this presentation some of the cultural and organizational aspects of privacy will be examined, and some Internet-related threats to privacy discussed. Then, new survey data from our study of user behavior and technical facilitators of privacy will be presented. The study focuses on users' attitudes toward privacy and their responses to some globally applicable privacy-related threats. The data show some unexpected results, which will be interpreted by application of several well- nown psychological models to the user behavior. Finally, the need for further work in the field is highlighted, and suggestions for further research provided.
Read the Article
|
Got Cyber Insurance?
Thanks to a crippling series of computer attacks in 1998, Seattle-based Viznet Inc., an online merchant exchange network service provider once valued at $1 million, is now selling off its customer lists for $50,000. The worst damage occurred when the attacker spammed Viznet's 90 merchant customers, claiming Viznet was a cover for a pedophile ring. The attacker, a former programmer at the company, knew that the wife of owner/operator Jim Vizner owned a day care center.
Read the Article
|
Security Lifecycle - Managing the Threat
In this paper, the security elements that make up a lifecycle will be discussed; what pieces are needed to address all aspects of security, and how often they should be addressed. The security elements are categorized into three areas, Prevention, Detection and Response. Each category is discussed below, including what elements fit within these categories and how they address the overall security posture of the organization.
Read the Article
|
Security Management - The Fundamental Tradeoffs
Security administrators face some interesting tradeoffs. fundamentally, the choice to be made is between a system that is secure and usable, one that is secure and cheap, or one that is cheap and usable.
Read the Article
|
Managing Desktop Security
This document describes the defense mechanism for security of desktops (including notebooks or laptops) in a network computing environment from the approach of security requirements among users, process of implementing and enforcing security policies and technology within an organization.
Read the Article
|
Keep Current With Little Time
Keeping current for security professionals is easily a full-time job and is probably the most important thing after establishing a secure network. Once a secure network is established, it does not stay that way without work. For many though, time is a problem. There are many ways to keep current with computer security.
Read the Article
|
|
|
Page: 1 2 3 4 5 6 7
Members currently browsing this category:
|
|
