Security Management Strategies for the CIOAccess "Internal security controls and business continuity go hand in hand"
This article is part of the June 2004 issue of Exposed: Why your AV software is failing to protect you
How do you know when you have "enough" security? Every company answers this question differently, depending on its security mindset. This mindset, usually dictated by the board and the CEO, governs the company's fundamental approach to IT risk: How much are we at risk? What type of risk? What do we do about it? Every CEO pays lip service to security. But when it's time to transform words into deeds, CEOs fall into one of four evolutionary stages of security enlightenment. Stage 1: Security is a necessary evil. "I pay for IT security because I have to. The government is forcing security regulations down my throat, and I'll spend what's necessary to comply, but not a penny more. My board and shareholders demand financial results. I'm not about to invest a ton of money in security when there's a thousand other revenue opportunities to pursue." Stage 2: Security is air conditioning. "Security is a basic necessity, like electricity or climate control. When the occasional heat wave hits, you crank up the AC. When you get nailed by a virus, you clean up and move on... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Antivirus software comparison, 2004: Not all AV products are equal
Your desktop AV may be leaving you wide open to attack.
-
NAC best practices and technologies to meet corporate security policy
by Curtis Dalton, CISSP
New solutions help you secure endpoints
-
Antivirus software comparison, 2004: Not all AV products are equal
-
-
Physical and IT Security: Overcoming Security Convergence Challenges
Physical and IT security convergence seems just one leap away...and may remain that way. Learn how to overcome security integration challenges.
-
Six Sigma and CMM models offer security best practices
Security can learn a lot from Six Sigma, CMM and other established business methodologies.
-
Physical and IT Security: Overcoming Security Convergence Challenges
-
Columns
-
Unintentional benefits: Attackers force search for better Trojan virus protection
by Lawrence M. Walsh
Editor Lawrence M. Walsh says creative attackers are unintentionally aiding the search for better security defenses.
-
Firewall and system logs: Using log file analysis for defense
by Marcus Ranum
Log analysis is the most under-appreciated, unsexy aspect of infosecurity, yet Marcus Ranum says it's one of the most important.
-
Prevent data loss, theft with secure data outputs
by Pete Lindstrom, Contributor
To secure data outputs, some organizations are going a step further by deploying data protection systems for specific applications.
-
Linux malware: Challenges of the Linux worm
Should Linux users brush off concerns about malware plagues? Short answer: No. Learn more about Linux malware and the challenges posed by the Linux worm.
-
Internal security controls and business continuity go hand in hand
Learn the top four quality of security beliefs and see why better security means better quality.
-
Unintentional benefits: Attackers force search for better Trojan virus protection
by Lawrence M. Walsh
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...