Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Top Information Security Management Challenges in the Enterpr ise To

from [J Kallberg] Network Security [Permanent Link]
Subject: Re: Top Information Security Management Challenges in the Enterpr ise Today?
Date: Wed, 26 Oct 2005 01:19:57 -0500 
"I think the biggest challenge is getting management at all levels to accept 
that security is a management issue "

I think that has been the challenge as long as I can remember --- maybe the 
good flip side with SOX etc is that
they feel a "threat" if not addressed. If it goes down in flames, then it is a 
management error. 

JK



  ----- Original Message ----- 
  From: Mike Gillespie 
  To: "Weigel Muñoz, Margarita" 
  Cc: 'Ali Al-Otaibi' ; Samir Pawaskar ; bradleyb@bradleyb.net ; 
security-management@securityfocus.com 
  Sent: Sunday, October 23, 2005 8:18 AM
  Subject: Re: Top Information Security Management Challenges in the Enterpr 
ise Today?


  I think the biggest challenge is getting management at all levels to accept 
that security is a management issue and not purely a technical issue.  
Companies spend a fortune installing perimeter security in the form of 
firewalls, IDS, IPS etc and then refuse to allocate even a small budget to 
development of adequate policies and procedures and to educating staff through 
security awareness programs.  Since nearly 80% of all security beaches are 
caused by employees, and since the vast majority of tribunals occur as a result 
of staff misuse of information processing facilities, you would think 
management would take staff education and policy development more seriously

  Mike Gillespie
  Principal Consultant 
  Advent IM Ltd

  http://www.advent-im.co.uk


  Weigel Muñoz, Margarita wrote: 
Yeah! The most. You could improve the security just with money.  We could
make the most secure sistems with the best resources. Ask for them to de Top
management..... It´s really "the most major challenge"

Best regards.

-----Mensaje original-----
De: Ali Al-Otaibi [mailto:aalotaibi@shb.com.sa]
Enviado el: Jueves, 20 de Octubre de 2005 06:49 a.m.
Para: Samir Pawaskar
CC: bradleyb@bradleyb.net; security-management@securityfocus.com
Asunto: Re: Top Information Security Management Challenges in the
Enterprise Today?








The most major challenge I faced was Top management understanding  of
Information Security



 

                      Samir Pawaskar

                      <samirp@eim.ae>          To:      Brad Bemis
<bradleyb@bradleyb.net>            
                                               cc:
security-management@securityfocus.com         
                      10/18/2005 09:10         Subject: Re: Top Information
Security Management       
                      AM                       Challenges in the Enterprise
Today?                    
                      Please respond

                      to Samir

                      Pawaskar

 




IMHO

The following are some of the major challenges to Security Management

Compliance of Security Policy by End Users.
        Do Security Awareness Campaigns.

Patch Management
    Old one.. but still remains an obnoxious issue.

Regards

Samir Pawaskar
CISSP, BS7799LA, CCNP, MCSE


----- Original Message -----
From: "Brad Bemis" <bradleyb@bradleyb.net>
To: "'Security'" <security-management@securityfocus.com>
Sent: Tuesday, October 18, 2005 4:34 AM
Subject: Top Information Security Management Challenges in the Enterprise
Today?


  -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am interested in hearing about what many of you consider to be the
top information security management challenges that organizations
face today...  and if possible, a short synopsis of the actions that
you've taken to address them within your own organizations.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBQ1RC/wiGfsWIs63wAQJsdw//RjbbCM2t8mf0sjG3TvN9vHG4cRhGXaM0
0nsN3Mz5PSIXLvRUqZhU9x5c4FFPrrrz5WOalM0PiZHX6rylkbMUlWB4RtPfren0
fC6tOfH2xFvyiutIoSFvVIGuAstd4HtZajj+4Q97NQQEVrFBPs5lHfvALOWvrawU
NHVUW7sIlztucxGQ0T5t7nngGxhTGOOEy8W9jgtvyNvBa2MPXYkDIFHdNb6oO4PX
4+D4Sv36iHeS/5DoS4uEVrS4EwCV3VUp6Mhe6qFixTKtx81jdGgNMV5EBR4bf3GL
xZ8AONBxsnEgPkXhyazw3ywOWZL3WfnNCwlGG1bZ6LaY4R4yv/Ly2aGXZzynvTKQ
B+0bCFwlcbRoOluhGSexv/0LwjQ6ZrVviaSWJ9z4u5DNblmxmXKIlTCmZjzfGX9B
Z1wiFfjbdSBHdNgcogNVpp338EdqbjAPxhvy2W6mZaEVXWjv38gVYYBQpt3FYBj3
pbV54nP90P8ds8UQZ1sX1HbhZYOx4HS6AJMKkiMe/HiShG57vt8Qp8OB7f6fObId
2B5LYKjPPZZ5Cz1lWFz3MvCsNBJd35z3svHctJ4xTQ9zT6qGq0d6ELdzbxET+f3l
hc5BFTl3KoVDdMnXLOASUHYsykUvMY5U4syqj3OiRcaSJybQj5/Tlna3aadzP2KZ
VJPpGHTuFiA=
=NQPK
-----END PGP SIGNATURE-----

    



El contenido de este mail y cualquier archivo adjunto son confidenciales.
Está dirigido solo a los destinatarios. Cualquier divulgación, distribucion
o copia de esta comunicación o cualquiera de sus contenidos está prohibida.
Si Ud. ha recibido este mail por error por favor reenvíelo al remitente
inmediatamente, borre el original y cualquier copia que resida en su
computadora.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: bank audit checklist, Nick Puetz
Next by Date:  Re: IT Department Size, Robert Holtz
Previous by Thread:  Re: Top Information Security Management Challenges in the Enterpr ise Today?, Mike Gillespie
Next by Thread:  =?iso-8859-1?Q?Re:_Guidelines_For_System_Administrators??=, asutton
Indexes:  [Date] [Thread] [Top] [All Lists]