Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Senior Management Buy-in (was Top Information Security Management Ch

from [Brad Bemis] Network Security [Permanent Link]
Subject: RE: Senior Management Buy-in (was Top Information Security Management Challenges in the Enterprise Today?)
Date: Fri, 11 Nov 2005 08:56:37 -0800 
I've been in situations where there was a strong understanding at the
executive level and in situations where the executive team was poorly
informed.  In one particular organization I was a part of, the IT
department heads felt that it was inappropriate to involve the
executive team - I remember the quote "they just don't fly that low" -
needless to say that after several months of struggling to establish a
security program in this environment we made very little progress.
Those companies where the executive team is aware of and visibly
endorses security policy and accountability (that is also supported by
a strong employee awareness and training program) have had the most
successful security programs and have been able to drive significant
efficiencies out of the efforts.      

-Brad Bemis

-----Original Message-----
From: john_blackley@dell.com [mailto:john_blackley@dell.com] 
Sent: Tuesday, November 08, 2005 10:09 AM
To: security-management@securityfocus.com
Subject: Re: Senior Management Buy-in (was Top Information Security
Management Challenges in the Enterprise Today?)

Further to Brad's excellent post on gathering success stories, I'd
like to ask one favor (because it's an issue in which I have an
interest): When responding, can you give some indication of whether -
or not - you believe your senior management know and understand the
content of their information security policies?
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Senior Management Buy-in (was Top Information Security Management Challenges in the Enterprise Today?), John Nolan
Next by Date:  RE: Senior Management Buy-in (was Top Information Security Management Challenges in the Enterprise Today?), Brad Bemis
Previous by Thread:  Re: Senior Management Buy-in (was Top Information Security Management Challenges in the Enterprise Today?), john_blackley
Next by Thread:  RE: Senior Management Buy-in (was Top Information Security Management Challenges in the Enterprise Today?), Cronican, John
Indexes:  [Date] [Thread] [Top] [All Lists]