Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Top Information Security Management Challenges in the Enterprise To

from [Robert Myles] Network Security [Permanent Link]
Subject: RE: Top Information Security Management Challenges in the Enterprise Today?
Date: Wed, 26 Oct 2005 09:11:08 -0500 
All,

The biggest challenge is to get the executive management to realize that information security is not jut an IT or Compliance issue, rather that it is a Business Issue and affects the entire enterprise of whatever your business is. I find that most execs feel that it is just an IT issue and fail to realize that it is integral to the continuing functionality and success of the business.


Robert Myles, CISSP, CISM
Chief Technology & Information Security Officer
(H) 817-488-0110
(M) 817-773-7660
(O) 214-590-0559
(P) 888-822-2958





From: "Weigel Muqoz, Margarita" <mmunioz@metrovias.com.ar>
To: 'Mike Gillespie' <mike.gillespie@advent-im.co.uk>,"Weigel Muqoz, Margarita" <mmunioz@metrovias.com.ar>
CC: 'Ali Al-Otaibi' <aalotaibi@shb.com.sa>,Samir Pawaskar <samirp@eim.ae>, bradleyb@bradleyb.net,security-management@securityfocus.com
Subject: RE: Top Information Security Management Challenges in the Enterpr ise Today?
Date: Mon, 24 Oct 2005 11:15:05 -0300

I agree with you Mike, I always think about years ago when we developed
systems "APB", for all the persons, (solid systems), now It4s the new
challenge.. We can do awareness, we can dissuade but we can't change the
criminal behavior. We have to secure the information with technology, strong
procedures and the best policies in function the really risk they
have.<?xml:namespace prefix = o ns =
"urn:schemas-microsoft-com:office:office" />

best regads

-----Mensaje original-----
De: Mike Gillespie [mailto:mike.gillespie@advent-im.co.uk]
Enviado el: Domingo, 23 de Octubre de 2005 10:19 a.m.
Para: "Weigel Muqoz, Margarita"
CC: 'Ali Al-Otaibi'; Samir Pawaskar; bradleyb@bradleyb.net;
security-management@securityfocus.com
Asunto: Re: Top Information Security Management Challenges in the Enterpr
ise Today?


I think the biggest challenge is getting management at all levels to accept
that security is a management issue and not purely a technical issue.
Companies spend a fortune installing perimeter security in the form of
firewalls, IDS, IPS etc and then refuse to allocate even a small budget to
development of adequate policies and procedures and to educating staff
through security awareness programs.  Since nearly 80% of all security
beaches are caused by employees, and since the vast majority of tribunals
occur as a result of staff misuse of information processing facilities, you
would think management would take staff education and policy development
more seriously

Mike Gillespie
Principal Consultant
Advent IM Ltd

http://www.advent-im.co.uk <http://www.advent-im.co.uk>


Weigel Muqoz, Margarita wrote:

Yeah! The most. You could improve the security just with money.  We could

make the most secure sistems with the best resources. Ask for them to de Top

management..... It4s really "the most major challenge"



Best regards.



-----Mensaje original-----

De: Ali Al-Otaibi [ mailto:aalotaibi@shb.com.sa
<mailto:aalotaibi@shb.com.sa> ]

Enviado el: Jueves, 20 de Octubre de 2005 06:49 a.m.

Para: Samir Pawaskar

CC:  bradleyb@bradleyb.net <mailto:bradleyb@bradleyb.net> ;
security-management@securityfocus.com
<mailto:security-management@securityfocus.com>

Asunto: Re: Top Information Security Management Challenges in the

Enterprise Today?

















The most major challenge I faced was Top management understanding  of

Information Security











                      Samir Pawaskar



<mailto:samirp@eim.ae> <samirp@eim.ae> To:
Brad Bemis

 <mailto:bradleyb@bradleyb.net> <bradleyb@bradleyb.net>

                                               cc:

security-management@securityfocus.com
<mailto:security-management@securityfocus.com>

10/18/2005 09:10 Subject: Re: Top Information

Security Management

AM Challenges in the Enterprise

Today?

                      Please respond



                      to Samir



                      Pawaskar













IMHO



The following are some of the major challenges to Security Management



Compliance of Security Policy by End Users.

        Do Security Awareness Campaigns.



Patch Management

    Old one.. but still remains an obnoxious issue.



Regards



Samir Pawaskar

CISSP, BS7799LA, CCNP, MCSE





----- Original Message -----

From: "Brad Bemis"   <mailto:bradleyb@bradleyb.net> <bradleyb@bradleyb.net>

To: "'Security'"   <mailto:security-management@securityfocus.com>
<security-management@securityfocus.com>

Sent: Tuesday, October 18, 2005 4:34 AM

Subject: Top Information Security Management Challenges in the Enterprise

Today?







-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



I am interested in hearing about what many of you consider to be the

top information security management challenges that organizations

face today...  and if possible, a short synopsis of the actions that

you've taken to address them within your own organizations.



-----BEGIN PGP SIGNATURE-----

Version: PGP 8.1



iQIVAwUBQ1RC/wiGfsWIs63wAQJsdw//RjbbCM2t8mf0sjG3TvN9vHG4cRhGXaM0

0nsN3Mz5PSIXLvRUqZhU9x5c4FFPrrrz5WOalM0PiZHX6rylkbMUlWB4RtPfren0

fC6tOfH2xFvyiutIoSFvVIGuAstd4HtZajj+4Q97NQQEVrFBPs5lHfvALOWvrawU

NHVUW7sIlztucxGQ0T5t7nngGxhTGOOEy8W9jgtvyNvBa2MPXYkDIFHdNb6oO4PX

4+D4Sv36iHeS/5DoS4uEVrS4EwCV3VUp6Mhe6qFixTKtx81jdGgNMV5EBR4bf3GL

xZ8AONBxsnEgPkXhyazw3ywOWZL3WfnNCwlGG1bZ6LaY4R4yv/Ly2aGXZzynvTKQ

B+0bCFwlcbRoOluhGSexv/0LwjQ6ZrVviaSWJ9z4u5DNblmxmXKIlTCmZjzfGX9B

Z1wiFfjbdSBHdNgcogNVpp338EdqbjAPxhvy2W6mZaEVXWjv38gVYYBQpt3FYBj3

pbV54nP90P8ds8UQZ1sX1HbhZYOx4HS6AJMKkiMe/HiShG57vt8Qp8OB7f6fObId

2B5LYKjPPZZ5Cz1lWFz3MvCsNBJd35z3svHctJ4xTQ9zT6qGq0d6ELdzbxET+f3l

hc5BFTl3KoVDdMnXLOASUHYsykUvMY5U4syqj3OiRcaSJybQj5/Tlna3aadzP2KZ

VJPpGHTuFiA=

=NQPK

-----END PGP SIGNATURE-----













El contenido de este mail y cualquier archivo adjunto son confidenciales.

Esta dirigido solo a los destinatarios. Cualquier divulgacisn, distribucion

o copia de esta comunicacisn o cualquiera de sus contenidos esta prohibida.

Si Ud. ha recibido este mail por error por favor reenvmelo al remitente

inmediatamente, borre el original y cualquier copia que resida en su

computadora.



El contenido de este mail y cualquier archivo adjunto son confidenciales.
Esta dirigido solo a los destinatarios. Cualquier divulgacisn, distribucion
o copia de esta comunicacisn o cualquiera de sus contenidos esta prohibida.
Si Ud. ha recibido este mail por error por favor reenvmelo al remitente
inmediatamente, borre el original y cualquier copia que resida en su
computadora.


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IT Department Size, Christoph Gruber
Next by Date:  RE: bank audit checklist, Mike Bailey
Previous by Thread:  Senior Management Buy-in (HOW DO YOU OVERCOME?), Steven Allison (DHL US)
Next by Thread:  Re: Top Information Security Management Challenges in the Enterprise Today?, J Kallberg
Indexes:  [Date] [Thread] [Top] [All Lists]