What’s the most important factor of a successful security program? Technology such as endpoint protection? Making sure your change management processes and system development life cycle includes consideration of security risks? Strong policies? Not quite.
Although security issues are often top of mind for many organisations, they are often not considered as part of a disaster recovery (DR) plan.
The hard sell around cloud computing is in full swing, but many potential customers are finding it hard to evaluate the security profiles of potential providers and should take a broader view of their objectives and standards, an expert in the auditing of IT security infrastructures has warned.
Security managers must break down their walled-garden mentalities and integrate security deep into the heart of increasingly flexible, BYO computing-driven IT service management (ITSM) environments or risk data death by a thousand cuts, a systems and security consultant has warned.
The aim of this article is to provide companies that offer outsourced services, (dealing with the management of information), some tangible, commercial benefits to go down the ISMS implementation and certification path.
Your board and audit committee are looking for reduction in risk exposure driven by your information security policy. Is this something you can track and measure?
Sign up now »
Manage and visualize the security and compliance of VMware, physical, and hybrid-cloud infrastructure from the RSA Archer eGRC Platform.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.