Security Management Strategies for the CIOAccess "Information security laws: Are they worth it for your organization?"
This article is part of the January 2003 issue of Negative exposure: Web scanners reveal unknown holes
An individual's opinion of proposed regulations is motivated by several hard-to-quantify factors. However, two groups--those who either strongly support or strongly oppose security laws--exhibit clear-cut organizational tendencies. Security professionals who feel infosecurity laws will make security at their organization "much better" exhibit the following characteristics: High number of users. High ratio of users to full-time security staff. Low number of reported incidents. These characteristics exemplify an underfunded and overwhelmed security department. Security staff is feeling pinched on all sides. They're responsible for more users than their counterparts at many other companies, and the reason they report fewer incidents is because they don't have adequate resources or time to monitor and detect them. They are searching for answers beyond what they feel their organization is willing or able to provide. In short, they support the prospect of stringent government security regulations because anything's better than the status quo. They feel that ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Web application security scanners: How effective are they?
by Kelly White & Yong-Gon Chon
How good are Web application scanners at rooting out vulnerabilities? We test two of the leading tools head-to-head to find out.
-
Software code review: Code testing to identify vulnerabilities
New tools ease the burden of building secure code.
-
The declining need of accelerator cards
Cheap, more efficient general-purpose chips are reducing the need for accelerator cards.
-
IT security supports increased federal cybersecurity law, survey finds
by Andrew Briney
IT security supports increased federal cybersecurity law, according to an Information Security survey.
-
Security liability: Who's to blame for a data security breach?
Who's responsible for security breaches? Short answer: everyone.
-
Web application security scanners: How effective are they?
by Kelly White & Yong-Gon Chon
-
-
Web-based application infrastructure: Extended connectivity means more risk
Do you know how Web-based application infrastructures are built and used? Learn how in this story.
-
Understanding encryption and cryptography basics
Cryptography doesn't have to be so cryptic. Here's a primer, in plain English, to walk you through the basics.
-
Product review: ForeScout Technologies's ActiveScout 2.5
ForeScout Technologies's ActiveScout 2.5 stops malicious traffic outside the network perimeter, but only under certain conditions.
-
More cybersecurity laws needed for operational IT security
by Andrew Briney
The U.S. has already adopted several cybersecurity laws, but few affect operational IT security.
-
Information security laws: Are they worth it for your organization?
by Andrew Briney
Who wants the government's help? Who wants to be left alone? Are information security laws worth it for your organization?
-
Web-based application infrastructure: Extended connectivity means more risk
-
Columns
-
Defining IT security resolutions
by Andrew Briney
Editor-in-chief Andrew Briney offers five IT security resolutions for the New Year that he hopes the industry takes to heart.
-
Examining infosec hackers of the past and how they affect cybersecurity laws
Learn about hackers who have been caught in the past and how it effects IT.
-
How to harden Windows to improve security
How to harden a Windows box to improve security without impairing functionality.
-
Using routers to improve network firewall security
As businesses expose systems to the Internet, it's important to revisit how routers can act as the "suspenders" to the firewall "belt."
-
Taking action: Understanding the importance of information security
by Jay Heiser, Contributor
The British have a marvelous word, "whinging"--the practice of complaining without doing anything about it. Security practitioners love to "whinge."
-
Understanding the balance between privacy and security
Cooperation, compromise is needed to resolve the growing tension between security and privacy.
-
Defining IT security resolutions
by Andrew Briney
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...