| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Leveraging a Securing Awareness Program from a Security Policy What do we really know about the 3security policy that the parent company boasts? Does it address our divisional business needs; do I even know where to find it? Worse yet, Operations doesn't know much about it and the dispatchers on the floor haven't heard of it. How do we make the security policy a tool that the organization will adopt as a lifestyle change? Now what do we do?
By Howard Uhr, 05/11/2004
|
|
Creating an IT Security Awareness Program for Senior Management This paper will present an approach to creating and deploying a security awareness program with senior management as the intended audience. This paper is intended as a guideline to creating a successful security awareness program for your organization. A successful program for senior management is the key to the security program for the entire organization and therefore needs to be carefully and concisely constructed.
By Robert Nellis, 04/30/2004
|
|
Secure This: Organizational Buy-in (A communications approach) This paper will discuss the importance of buy-in and will recommend methods for soliciting and securing buy-in using a communications theory perspective. It is not the intention of the author to explore the topic in depth; rather, the purpose is simply to offer ideas which merit further exploration and discussion.
By Wendy E. Ady, 04/20/2004
|
|
Introduction and Education of Information Security Policies to Employees in My Organization Through a comprehensive training program, the Information Security Office has successfully educated and trained existing staff and continues to train new staff throughout the Asia Pacific region. In order to keep the staff interested in the Information Security Policies, ISO has to continue to think of new and innovative ways to reinforce the importance of information security to all staff in the organization.
By Harbinder Kaur, 04/20/2004
|
|
Security Awareness Starts in IT This practical is written to provide an overall “how to” perspective of introducing concepts of good security policy and its potential impact on security design . We have to continually remind ourselves that the security design group is highly technical, and in the midst’s of day to day implementations and deployment of new security informational assets.
By William Farrar, 04/20/2004
|
|
Security Awareness: Help the Users Understand As security professionals, we spend hours every week trying to “defend our networks from every possible threat. Throughout all of this effort, we forget about the users. The users are the key to a successful security program and what do we do? Frank Hayes, writing for Computer World, “Permissions, virus filters, limited data access, digital certificates, encryption and piles of passwords - they're all pretty much the same to users. They're a pain. They chew up valuable time. They get in the way. So what do most users do when faced with this in-their-face, time-and-effort-consuming security?
By Kenton Smith, 04/20/2004
|
|
Security Awareness Training Quiz - Finding the WEAKEST link! The security overview should be designed and implemented to help end-users get better acquainted with the network environments that they work in. A basic framework should be put in place to ensure the end users will be able to understand the concepts. Different tests may be catered around more technical groups if necessary, and the testing mechanism should be mandatory to determine if the end users understand the concepts covered.
By David Sustaita, 04/18/2004
|
|
The Ultimate Defense of Depth: Security Awareness in Your Company Defense of depth is one of the key, basic principles of security taught by SANS as part of their Security Essentials curriculum. The idea is the more lines of defense a company has in place, the less likely there will be a successful penetration, the more chance there is that an attack can be detected and the most likeliness an attacker will give up and move on to another more vulnerable target. In this light, many people might think of multiple layers of technology such as firewalls, networks, host and network intrusion detection systems, bastion hosts, etc. that would comprise this defense of depth. However, we know based on published surveys and analyses that the biggest threat to our technology environment is often ourselves.
By Brian D. Voss, 04/18/2004
|
|
Security Awareness Training and Privacy An organization’s security policy sets the standard for the way in which critical business information and systems will be protected from both internal and external threats. Defining a security policy is an opportunity for an organization to simultaneously define and refine its collective attitude to both its internal operations and external relationships, and, as such, embraces all aspects of the organization's operations, not just those directly impinged by "IT". (Lightfoot) Security policy must adapt to changing needs within the organization. Personnel responsible for creating and maintaining the security policy must learn to recognize changes in technology that impact security and how those changes impact the organization and the people who work for the organization.
By Michelle Johnston, 04/18/2004
|
|
Security Awareness - Implementing an Effective Strategy Although the weakness that people present can never be totally eliminated, a well-planned security awareness program can help to reduce the risk to an acceptable level. It is critical that people understand their role in protecting information and information assets. This paper examines the importance of security awareness and how it supports the fundamental goals of an information security program. In addition, this paper provides a recommendation for implementing an effective security awareness strategy. This paper also spends considerable time discussing common obstacles to implementing an effective strategy. These obstacles have been derived from a combination of real world experience and research.
By Chelsa Russell, 04/18/2004
|
|
Page: 1 23 |
