Network World

Charles Cresson Wood's list of common mistakes you should avoid

Security Strategies Alert By M. E. Kabay, Network World
March 17, 2008 04:41 PM ET

Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.

Charles Cresson Wood's list of common mistakes you should avoid
* Mgmt. Has Not Been Sensitized To InfoSec Risks
* No Executive Sponsor For InfoSec Has Been Arranged
* Sufficient Mgmt. Approvals Were Not Obtained
* Positioning Of InfoSec Conflicts With Organizational Objectives
* Top Mgmt. Believes Its Duty Is Discharged By Appointing Someone
* Accountability Does Not Match Responsibility
* Staff Assumes Revenue Producing Activities Overshadow InfoSec
* Mgmt. Says Everybody Is Responsible
* Staff Takes A Reactive Approach To InfoSec
* Mgmt. Relies On Voluntary InfoSec Cooperation
* Contribution Made By InfoSec Is Not Regularly Reinforced
* Mgmt. Does Not Reinforce New R And R
* Major Projects Are Initiated Before R And R Are Defined
* Scope Of InfoSec Duties Is Too Narrowly Defined
* Scope Of InfoSec Duties Is Too Loosely Defined
* Not Establishing Specific Enough Job Descriptions
* Creating Job Descriptions Which Are Too Detailed
* Inappropriate Person Prepares R And R Documents
* Mgmt. Assigns Untrained And Inexperienced People
* Mgmt. Is Unwilling To Pay Market Rates For Specialists
* Technical Staff Inappropriately Promoted To Mgmt. Positions
* Time Required To Get Top Mgmt. Approval Is Underestimated
* R And R Are Not Periodically Updated
* Staff Performance Reviews Do Not Include InfoSec
* No Disciplinary Process Exists
* No Compliance Checking Process Exists
* No Clear Problem Reporting Process Exists

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.
