Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Security program development (Plan)

from [jblackley] Network Security [Permanent Link]
Subject: Re: Security program development (Plan)
Date: 12 Sep 2005 20:21:58 -0000 
Larry,

the size, shape and reporting relationship of the security organization will 
depend upon the size, shape, etc. of the organization itself - plus the culture 
of the organization.

An approach to determining what fits your organization is to use reference 
material (and ISO17799 is only one small piece of what you should study) to 
determine the security organization's mission and objectives.

Define those and you'll begin to see where security should 'sit'. 

It may be a mistake but I detect, in your post, a major urge to 'just get 
security out of ops'. A word of advice from a veteran: If this is your major 
objective (as opposed to finding the 'right' place for security) you'll wind up 
only with a sore head, a broken heart or both.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: Security program development (Plan), jblackley <=
Previous by Date:  Re: Factor Analysis of Information Risk (FAIR), Subscriptions
Next by Date:  Re: Incident Regarding to CIA, jblackley
Previous by Thread:  Factor Analysis of Information Risk (FAIR), lists@infostruct.net
Next by Thread:  Vulnerability Assessment Help Needed., Emmanuel Baffo
Indexes:  [Date] [Thread] [Top] [All Lists]