PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
December 2003

Why policies, products, people and processes matter to enterprise security

I hear lots of security stories -- about massive security architecture projects, attempts to implement role-based access control, techniques for fighting viruses and spam, and so on. When you listen to as many stories as I do, the "best" often bubble to the top. In the spirit of this special issue of Information Security, here are my thoughts about what defines the best People, Policies, Processes and Products in infosecurity. The best People are those who embrace the challenge of securing the business. Most security managers are having a tough time getting their arms around this whole "business view of security" thing. As security professionals, we're genetically programmed to anticipate bad things that might happen, and then work tirelessly to mitigate the risk. But now, business units and executives are leaning on security managers to justify their actions and budget requests from a business perspective. That's new territory for most security professionals. Ultimately, cracking this nut will fix the most serious problems ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue