Search
  Advanced Search
Results
Total: 56 results found.
Refine your search by section:  Content (51)  Tags (3)  Menus (2)
Order by
  
Display
nformation security refers to the protection of sensitive company data and vital systems from external attacks, such as theft or destruction. Part one of this series explored how organisations can determine whether outsourcing information security to a Managed Security Service Provider (“MSSP”) would be the best way to identify, prevent and recover ...
Section: Content | Category: Sourcing & Staffing | Date: Wednesday, 31 December 2003 | Hits: 367
Like any other sourcing transaction, relationships with Managed Security Service Providers (‘MSSPs’) that provide information security must be rationalised and planned by customers. Information security is an area of growing concern, but must be fully understood before a decision can be made regarding the approach an organisation will take to protect ...
Section: Content | Category: Sourcing & Staffing | Date: Friday, 28 November 2003 | Hits: 325
Conclusion: Dedicated IT security people are too expensive for SMB organisations. The market trend is towards outsourcing security tasks, and the SMB market must embrace this. Large organisations (500+ people) should make internal security people the managers of internal security programs, and managers of the relationship with managed security service ...
Section: Content | Category: Security Leadership | Date: Saturday, 28 April 2007 | Hits: 468
Conclusion:The latest Verizon Data Breach Investigation report (2011) continues many of the themes drawn out since its first publication in 2008. However, the DBIR is not a best practice guide on how to secure organisational data; it is an aggregation of cases where organisations failed to secure theirs. Consequently, the DBIR should be viewed as a ...
Section: Content | Category: Security Leadership | Date: Thursday, 26 May 2011 | Hits: 864
Conclusion: Security professionals are valuable not only for what they know, but also for how they think. However, this style of thinking can often result in them being alienated for “being too negative”. An alienated security professional is a waste of resources, so CIOs should adopt DeBono’s Six Thinking Hats, a thinking exercise based on role-play, ...
Section: Content | Category: Security Leadership | Date: Thursday, 24 June 2010 | Hits: 621
Conclusion: Every technology trend in the financial services sector (principally BYOD, changes in cybercrime, cloud, and DLP) has an aspect of identity and access management. IBRS research on the identity management market in Australia has found that there is a very small resource pool of sufficiently skilled practitioners. This means that the financial ...
Section: Content | Category: Security Leadership | Date: Saturday, 23 June 2012 | Hits: 793
Conclusion: Remediating major systems is not a job for the faint-hearted or over-confident IT managers. Poor governance decisions and excessive optimism can easily lead to project failures (and ruin careers). Conversely smart decisions combined with sound project leadership can increase the probability of success and enhance careers. Observations: ...
Section: Content | Category: Applications | Date: Wednesday, 25 June 2014 | Hits: 775
Conclusion: Despite the apparent value of the DSD’s Top 35 Mitigation Strategies report, organisations considering executing its recommendations will have to weigh up the business impact of implementation. In some instances, a mitigation strategy may be too intrusive on business operations. For some, the cost of ongoing support may be too high. However, ...
Section: Content | Category: Security Leadership | Date: Thursday, 27 October 2011 | Hits: 810
Conclusion: IT security strategies are an invaluable resource as a means of coordinating security efforts and in improving funding approval for security projects – because they can be shown to be following a coherent consistent strategy. The process to create them is an overlooked source of value for the information that it uncovers. An IT security ...
Section: Content | Category: Security Leadership | Date: Wednesday, 28 March 2012 | Hits: 785
Conclusion: As cloud services - typically Software as a Service - become increasingly accepted, the IT industry is gaining valuable experience in the actual risks of putting data in the cloud. Most of these risks centre around data confidentiality. Knowing the actual risks, rather than the fear, uncertainty and doubt that vendors and security consultants ...
Section: Content | Category: Security Leadership | Date: Saturday, 28 January 2012 | Hits: 949