Cyberspace Guardians: A Brief Guide to the Recruitment and Training of Security Personnel
This paper is an overview of the recruitment and training of entry- and intermediate-level information technology (IT) security staff members (referenced here as "security analysts"). Sources for this paper included security texts, news articles, and the experiences of the training team at a Silicon Valley-based network security monitoring company.
Read the Article
|
Implementing an Information Security Program
Recently, there has been an increase in the awareness for the need within corporations (as well as within government agencies) to protect sensitive, proprietary and company secret information. Unauthorized modification, loss or compromise of such information could very well severely damage an organization's current operations; future or even put it out of business.
Read the Article
|
Organizational IT Security Theory and Practice: And Never the Twain Shall Meet?
This paper presents an overview of common information technology security practices, demonstrates how and why they can frequently be ineffective, and finishes with suggestions on how we might better equip ourselves to prevent, and recover from unnecessary disruptions in the future.
Read the Article
|
Manage your Security Initiative as a Project
In large corporations, information security of some sort is a foregone conclusion. There is probably an organization already in place whose job is to secure data. They may do so with varying degrees of skill and varying results, but at least the intention is there at the corporate level. Establishing sound security in such an environment is a matter of assessment, deployment and monitoring.
Read the Article
|
Jekyll & Hyde in the Boardroom
Businesses rely on a balance of technological implementation and security implementation to create and maintain sound practices and trusted business relationships. Due diligence is an Executive requirement of traditional brick-and-mortar business that has greater implications for businesses with an on-line presence.
Read the Article
|
Plugging the holes! Your data is leaking OUT!
Data is essential to the development and success of a company. It can also be the downfall of a company if it gets into the wrong hands. There are many improper uses of data obtained from a company. Data can be used to compromise trade secrets or potential transactions. Data can also be used to "profile" a company. Profiling may be the first step before an attempted infiltration of your network.
Read the Article
|
The Cyber Security Management System: A Conceptual Mapping
In an environment of global connection and cyber terrorism, the protection of information assets is vital to every private business, public organization and individual household. This paper looks at the cyber security management process as a complex system of interrelated elements and demonstrates the use of concept mapping techniques to expand our knowledge of the system as a whole, and of policy and technology in particular.
Read the Article
|
Implementing a Project Security Review Process within the Project Management Methodology
This paper focuses on how to get greater penetration of security policies within the enterprise by adding a security review process within the existing project management methodology.
Read the Article
|
Applying Security to an Enterprise using the Zachman Framework
An enterprise information architecture provides a framework for reducing information system complexity and enabling enterprise information sharing. Much like a homeowner designing a home, information technology managers work with an architect to provide an agreed upon architectural drawing for the information and processes in the enterprise. This high level architectural drawing does not change with tactical decisions to deploy improved technology since it is simply built around a framework of business processes and the information that they need.
Read the Article
|
The social approaches to enforcing information security
Business security is becoming more strategically important everyday for sustainability, economic growth and future health. Although security in business is a very broad topic, for this report, the focus is on enforcing information security using social approaches in the business environment.
Read the Article
|
