Q

Best practices for determining the number of needed security professionals

How would a company best determine the appropriate size of its network security group? As an example, Company ABC is a Global Manufacturer with 10 firewalls in nine different countries. All of the offices are connected by a WAN and seven of the 10 firewalls are Internet firewalls. They have about 5,000 employees of which roughly 2,000 have remote access needs. They have all of the standard IS groups: help desk, PC support, server admin, network engineering, etc. In order to determine how best to support the growing Internet needs of this company, from a security perspective, are there any basic "best security practices" that dictate how many trained security personnel should be used to properly support a company of this size?


Unfortunately, there aren't any magic answers. Server admins, network engineers and others can all have a security background and probably should, at least, have some basic security training. The abilities of those people whose primary job is something other than security will dictate how many dedicated security people you need. Also, if any of your security services are outsourced, that will affect your staffing needs as well.

I'm sorry to be evasive on this question, but every company situation is unique.


This was first published in May 2001

Dig deeper on Information Security Jobs and Training

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close