Security Management Strategies for the CIOAccess "Best Advice"
This article is part of the September 2005 issue of What's the best IT security advice you've ever received?
Scott Charney Vice president of Trustworthy Computing, Microsoft Trust but verify. Some of the best IT security advice I've received--trust but verify--can appear simple in principle, but is more complex in implementation. It wars with our instinct as humans to inherently trust each other. When I am asked for advice, I often tell people to put the business leaders, the legal counsel and the IT staff in the same room--each department will learn how it is dependent on the others. Mikko Hypponen Director of antivirus research, F-Secure Trust no one. "Trust no one," says X-Files character Fox Mulder. Ultimately, we all have to take responsibility for our actions, and we can rely only on ourselves to get that done. Ernie Hayden CISO, Port of Seattle Look at the whole picture. Probably the best security advice I ever re-ceived was from my good friend and co-worker Kirk Bailey (CISO, University of Washington, and former CISO, City of Seattle): Try to stay at a strategic or high level to ensure that you look at the entire picture before making a security policy, ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
SSL VPN: Aventail's EX-1500
A review of Aventail's EX-1500
-
Sunbelt Software's CounterSpy Enterprise 1.5 Product Review
In this product review, get the pros and cons of Sunbelt Software's CounterSpy Enterprise 1.5 features, such as antispyware scanning, centralized logging and reporting.
-
Single Sign-On
Imprivata's OneSign 2.8
-
Sizing up e-mail appliances
by Tom Bowers, Contributor
Information Security magazine tests four e-mail appliances designed to clear the way for safe messaging. Here's how they measured up.
-
Top 5 Hacker Tools: Google hacker, password cracker, WLAN detector
by Ed Skoudis, Contributor
Read about five must-have hacker tools: WikTo, a Web scanner and Google hacking tool; Paros Proxy, a Web application manipulation proxy; Cain and Abel, a password sniffer/cracker; Winfingerprint, a Windows configuration harvester; and Wellenreiter, a passive WLAN detector. Get a feel for their capabilities, and then carefully incorporate each into your assessment methodology.
-
SSL VPN: Aventail's EX-1500
-
-
Hot Pick: Aladdin Knowledge Systems' eSafe 5
Aladdin Knowledge Systems' eSafe 5
-
Recent Releases: Security product briefs, September 2005
Read about security products that launched in September 2005.
-
A Field Guide to Passive Reconnaissance and Indirect Attacks
Read a review of the security book: Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks.
-
Best Advice
In this must-read compilation, we asked security luminaries to share their anecdotes, professional wisdom and success stories.
-
Hot Pick: Aladdin Knowledge Systems' eSafe 5
-
Columns
-
Perspectives: Mergers and acquisitions open security risks
Integrating infrastructures acquired from other companies without considering security and risk first exposes enterprises to myriad problems.
-
Layer 8: Choose your risk awareness battles carefully
Read at Your Own Risk
-
Ping: Phil Zimmerman
Phil Zimmerman
-
Publisher's Note
Getting It Together
-
Perspectives: Mergers and acquisitions open security risks
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...