You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Standards

Security Standards White Papers

Synergy in Security: Why a Combined ISO 17799 and OCTAVE Approach Makes Sense

Tags:
security standards

Overview Information systems today resemble museums more than medieval castles. The castle description of information security describes a perimeter-centric model of inside and outside. This doesn't apply as elnitiatives, third party support and outsourcing requires the perimeter to become porous. Like a museum, the challenge is to identify the critical assets and protect not just the perimeter of the network, but those assets as well. An ideal approach would be one that integrates the audit, risk assessment, recommendations and strategy into a single system. It would offer a non-propriety, tested methodology that could be replicated. The audit and risk assessment would also clearly define the mission critical elements; this makes the prioritization process in the recommendations and strategy deliverables straightforward. This is exactly the solution this paper outlines.

Further White Paper Details
Publisher	SISA	File Format	PDF
Date Published	August 2005
Format	White Papers
Topics	Security Standards, Security Management

Did you find this white paper useful?

Microsoft FDCC Webcast Series: Do It Right: Log in as Normal User

FDCC requires that the typical user run as Normal User whenever possible; without this, a managed environment is practically impossible. For organizations that have given Local Administrator rights to their...

Publisher:
Microsoft

Tags:
security standards

Gartner Report: Magic Quadrant for Secure Web Gateway, 2007

Interested in what analyst firm Gartner has to say about Blue Coat Secure Web Gateway solutions? Read its "Magic Quadrant for Secure Web Gateway, 2007" report to find out....

Publisher:
Blue Coat Systems

Diffie-Hellman Key Exchange -- A Non-Mathematician's Explanation

The Diffie-Hellman algorithm is one of the most common protocols used in networking today. An understanding of its underlying protocols and processes helps a great deal when trouble-shooting a system....

Publisher:
Global Knowledge

Segregation of Duties in the Real World: Risk-Based SoD Management With Continuous Monitoring Lowers Compliance Costs

Segregation of duties in the real world demands top-down management that eliminates financial risk without adding overhead costs or extinguishing ERP-fueled efficiency gains of the last decade. Fortunately, auditors and...

Publisher:
Oversight Systems

Tags:
security standards

Encryption Essential to Meet Information Security and Compliance Initiatives

California's unique notice of security breach act (frequently called "S.B. 1386") and the Gramm-Leach-Bliley Act of 1999 (also known as "The Financial Services Modernization Act") are two major laws that...

Publisher:
PC Guardian Technologies

How do you get your head around 'risk'?

But in order for businesses to get the benefit of such a risk assessment it must be comprehensive and structured, so the methodology can be replicated and the process becomes scalable. Alan Calder, risk expert and author of Risk Assessment for...

Tags:
it,
risk

13 top tips for better security

Asset Audit: Identify what business assets need to be protected Risk Assessment and Management: Determine the risk to exposure of these assets The Alliance for Electronic Business's magic thirteen recommendations for keeping that information sacred...

Channel:
SME Director

Council set to sack HBS from £250m outsourcing deal

Our dissatisfaction with HBS is heightened by our unflattering Corporate Performance Assessment report and the fact that District Audit heavily qualified our accounts for 2003/4," she said in a statement.

Channel:
IT Outsourcing

IT managers adopt 'stay clueless, stay safe' strategy

Almost the same amount (22 per cent) believe staff installing peer-to-peer software, games or freeware for use at home poses no threat to the enterprise when that laptop come back within the security perimeter.

Channel:
Security Strategy

Don't let IT damage your M&A success

One specific step that should but does not always appear on due diligence checklists is to review each potential party's strategic technology plans as well as the individual business plans around current technology investments or outsourcing...

The Bloor Perspective: Parmalat makes a ham-fist of it, Offshoring and Customs and Excise

Deloittes were the chief auditors and Grant Thornton conducted the audit of the 49 per cent of Parmalat's assets in varying locations and legal jurisdictions. Audit fees will almost inevitably rise to correlate with the increasing risk and...

Channel:
IT Director

Featured White Papers

Best in Class Organisations Use Packeteers WAN Optimisation Solutions

Independent research from the Aberdeen Group shows that the most successful enterprises are reaping the benefits of the Packeteer solution and are using it for competitive advantage.

Publisher:
Packeteer

Protecting key assets (security)

Key infrastructure elements must be secured against outages, damage and sabotage. Siemens offers comprehensive solutions from healthcare and power generation to water supply, transportation, and industrial production, to telecommunications.

Publisher:
Siemens

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.