- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
Charles Cresson Wood's list of common mistakes you should avoid
* Mgmt. Has Not Been Sensitized To InfoSec Risks
* No Executive Sponsor For InfoSec Has Been Arranged
* Sufficient Mgmt. Approvals Were Not Obtained
* Positioning Of InfoSec Conflicts With Organizational Objectives
* Top Mgmt. Believes Its Duty Is Discharged By Appointing Someone
* Accountability Does Not Match Responsibility
* Staff Assumes Revenue Producing Activities Overshadow InfoSec
* Mgmt. Says Everybody Is Responsible
* Staff Takes A Reactive Approach To InfoSec
* Mgmt. Relies On Voluntary InfoSec Cooperation
* Contribution Made By InfoSec Is Not Regularly Reinforced
* Mgmt. Does Not Reinforce New R And R
* Major Projects Are Initiated Before R And R Are Defined
* Scope Of InfoSec Duties Are Too Narrowly Defined
* Scope Of InfoSec Duties Are Too Loosely Defined
* Not Establishing Specific Enough Job Descriptions
* Creating Job Descriptions Which Are Too Detailed
* Inappropriate Person Prepares R And R Documents
* Mgmt. Assigns Untrained And Inexperienced People
* Mgmt. Is Unwilling To Pay Market Rates For Specialists
* Technical Staff Inappropriately Promoted To Mgmt. Positions
* Time Required To Get Top Mgmt. Approval Is Underestimated
* R And R Are Not Periodically Updated
* Staff Performance Reviews Do Not Include InfoSec
* No Disciplinary Process Exists
* No Compliance Checking Process Exists
* No Clear Problem Reporting Process Exists
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment