Security Management Strategies for the CIOAccess "Layer 8: Choose your risk awareness battles carefully"
This article is part of the September 2005 issue of What's the best IT security advice you've ever received?
Victorian-era fears about being buried alive led to the patenting of clever mechanisms to allow hapless individuals to escape from their own interment. Feel free to chuckle over that, but the next time you get into an argument over infosecurity risk, take a moment to stop and consider whether one of you is overly concerned about coffin escape hatches. After political issues, risk perception issues represent the biggest challenge for the security professional. Accurately understanding risk and effectively communicating that understanding to others is core to any risk management role. Conveying an accurate picture of risk requires more than building awareness of organizational priorities; it also involves teaching employees what to do about it. Most importantly, it requires inculcating a culture in which people want to help. We, as humans, actually have a marvelously effective mechanism for coping with familiar risks. Unfortunately, the natural confidence this engenders is counterproductive when confronting the unfamiliar risk situations of today's wired world... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
SSL VPN: Aventail's EX-1500
A review of Aventail's EX-1500
-
Sunbelt Software's CounterSpy Enterprise 1.5 Product Review
In this product review, get the pros and cons of Sunbelt Software's CounterSpy Enterprise 1.5 features, such as antispyware scanning, centralized logging and reporting.
-
Single Sign-On
Imprivata's OneSign 2.8
-
Sizing up e-mail appliances
by Tom Bowers, Contributor
Information Security magazine tests four e-mail appliances designed to clear the way for safe messaging. Here's how they measured up.
-
Top 5 Hacker Tools: Google hacker, password cracker, WLAN detector
by Ed Skoudis, Contributor
Read about five must-have hacker tools: WikTo, a Web scanner and Google hacking tool; Paros Proxy, a Web application manipulation proxy; Cain and Abel, a password sniffer/cracker; Winfingerprint, a Windows configuration harvester; and Wellenreiter, a passive WLAN detector. Get a feel for their capabilities, and then carefully incorporate each into your assessment methodology.
-
SSL VPN: Aventail's EX-1500
-
-
Hot Pick: Aladdin Knowledge Systems' eSafe 5
Aladdin Knowledge Systems' eSafe 5
-
Recent Releases: Security product briefs, September 2005
Read about security products that launched in September 2005.
-
A Field Guide to Passive Reconnaissance and Indirect Attacks
Read a review of the security book: Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks.
-
Best Advice
In this must-read compilation, we asked security luminaries to share their anecdotes, professional wisdom and success stories.
-
Hot Pick: Aladdin Knowledge Systems' eSafe 5
-
Columns
-
Perspectives: Mergers and acquisitions open security risks
Integrating infrastructures acquired from other companies without considering security and risk first exposes enterprises to myriad problems.
-
Layer 8: Choose your risk awareness battles carefully
Read at Your Own Risk
-
Ping: Phil Zimmerman
Phil Zimmerman
-
Publisher's Note
Getting It Together
-
Perspectives: Mergers and acquisitions open security risks
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...