Skip to main content

Posts

Showing posts from 2015

What board of management want to see in your slides?

"It might sound like a hate speech but believe me Top Management doesn't care about security, disaster recovery, compliance, project management and a lots of other domains that you fantasize about. The Board only care about RISK ."    National Association of Corporate Directors was founded in 1977 with the goal to educate directors. What they are telling boards can be understood as what board really need you to put up in slides. Board want you to:- Talk about Enterprise-wide risk management issue rather than just IT issue. Talk about legal implication of cyber risk as they relate to their company's specific circumstances. Talk about risk avoidance, acceptance, and transfer. They basically have interest in knowing how much risk are we taking as compared to others and your confidence factor in your analysis. They want some metrics to make some references. Also, the Board want your security metrics to be thorough and should represent your entire landscape...
Post a Comment
Read more

Are Net Neutrality and Information Security are related ?

"Net Neutrality:  is the  principle  that  Internet service providers  and governments should treat all data on the  Internet  equally, not discriminating or charging deferentially by user, content, site, platform, application, type of attached equipment, or mode of communication. "                                                                                                     ~ source : Wikipedia One beautiful afternoon, Steve an employee of big MNC log on to his personal email account and see an offer through which he can tunnel his service data which cost more than normal data through a free service. To save a few bucks he could not resist but use that service (eg. vpn), but Steve...
Post a Comment
Read more

5 reasons to invest in Information Security Management System

"With great power comes great responsibility" were the words of Sten Lee, who has written these lines for the very famous movie called  Spiderman  . Leaders specially in Information Technology (IT) industry do agree with the fact  that IT has profoundly  improved them to govern and manage resources with tremendous power. While striving to achieve things in an easier way when an organization is equipped with the power of IT , some organization fail to understand the repercussions of not using the power diligently. People at different organizational level have information about their own limited functions and often does not know how the information system is affected by their roles . Information Security is one of those requirement of an organization that should be dealt with a holistic approach which require a full fledged  management system . This is because the idea is to secure information of the complete organization not just to secure  IT systems....
Post a Comment
Read more