Re: R: incident response - management approach

["Douglas K. Fischer" <fischerdk () purefm net>]

At 05:39 PM 10/21/2002, Alessandro Bottonelli wrote:
> > ... Even incident response perhaps is partially a
> > top management activity?
> >
> Most definitevely YES! There are responses that are top management
> responsability (think of a major bank network under attack, only
> top management can be in the position to decide to "pull the plug
> off" ... ).

This can't be stressed enough, IMO. Incident response (and in fact security 
as a whole) requires endorsement and involvement to start at the very top 
of the food chain in an organization. It can't be an effort brought forth 
by the IT department, with management along for the ride (or worse yet, 
management resisting). Information Security is a core component of overall 
organizational security (physical, personnel, etc) and requires 
organizational risk assessment and decision-making.

FWIW,

Doug


------------------------------------------------------------

This email, and any included attachments, have been checked
by Norton AntiVirus Corporate Edition (Version 7.6), AVG
Server Edition 6.0, and Merak Email Server Integrated
Antivirus (Alwil Software's aVast! engine) and is certified
Virus Free.