Security Management Strategies for the CIOAccess "Service-level agreement advantages and disadvantages"
This article is part of the August 2004 issue of Weight lifter: Appliances that lighten your security load
If your business deals with British conglomerate Imperial Chemical Industries' data, you'll have to submit to regular third-party scans of your networks and be prepared to promptly fix any exploitable flaws. And don't try to pull one over on Paul Simmonds, ICI's global information security director. "We have a very simple rule: If you have a new vulnerability that crops up, you see it at the same time as I do, and you take care of it," Simmonds explains. "If the same vulnerability shows on the next week's scan, then I want to come and get you." And he does. He's killed contracts with vendors who fail to fix major vulnerabilities that put at risk the maker of paints, food additives, fragrances and personal hygiene products. Question the accuracy of the probes, and Simmonds will sic his staff on you, offering bonuses to programmers who breach your network and deface your Web site or capture data to prove a point. Such assurances, sometimes referred to as security warranties or service-level agreements (SLAs), are on the rise as enterprises realize growing ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Cut security costs with all-in-one appliances and firewall policies
by Lisa Phifer, Contributor
Turnkey, all-in-one appliances offer cost-effective security with less hassle.
-
Enhancing security risk management with cyberinsurance
by Lamont Wood, Contributing Writer
When all else fails, there's cyberinsurance. Learn how to enhance security risk management with cyberinsurance.
-
Cut security costs with all-in-one appliances and firewall policies
by Lisa Phifer, Contributor
-
-
Data security failure: How the government broke our trust
The government exposed thousands of Native Americans' financial data to hackers. Elouise Cobell forced the government off the Internet.
-
Service-level agreement advantages and disadvantages
by Anne Saita
Learn about the advantages and disadvantages of service-level agreements.
-
Data security failure: How the government broke our trust
-
Columns
-
Service-level agreement management: Defining security policy roles
Does your security plan include expectations or incentives for SLAs? Lawrence Walsh explains why setting standards for your enterprise is essential.
-
Be prepared: How to prevent and detect botnets
by Marcus J. Ranum, Contributor
Sooner or later, enterprises have to deal with a remote-controlled compromise. By treating botnets as a disaster preparedness problem, they'll be on the right track.
-
IE security risks: Making the switch to a more secure browser
by Jay Beale
Given the huge Web-based risk exposure with everyone running the same operating systems should enterprises look for an alternative to IE? Short answer: Absolutely.
-
Threat modeling follows attack tree as enterprise protection practice
by Pete Lindstrom, Contributor
Does your enterprise maximize its threat modeling potential? Expert Pete Lindstrom displays threat-modeling best practices and shows how it can help protect your enterprise.
-
Anticipating the worst: Security threat awareness and mitigation
Many IT managers have been lulled into a false sense of security because cyberattacks haven't happened yet. The coin-flip principle provides an all-too-real cyberspace context.
-
Service-level agreement management: Defining security policy roles
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...