Security Basics mailing list archives
Re: Oh Dear, Where to start?!
From: "Bill Hardstone" <rhardstone () eudoramail com>
Date: Thu, 26 Jun 2003 13:02:41 -0400
If I were start on this assignment, I would do the following. 1. Write up a risk assessment 2. Develop a plan of action documents based on templates from SANS website 3. Develop a good working relationship with someone in the senior management and get their buy-in on this. (You might have heard this policy without teeth is not a policy after all ) The third step is most important one; if I were not able to get management buy in. Doesnt matter how good the plan that I have proposed and what vulnerabilities it is uncovering. It would probably become another plan on the shelf and will probably never be implemented. On the side note, the timeframe for this engagement is very small and to make things complicated, you will most likely receive heavy resistance on this from every level of the organization (sorry but dont mean to discourage you) but my experience is that people in the public sector are hardest to accept change, especially from an outsider. I really liked the analogy of military commander in a hot DMZ that Christopher Meidinge sketched in one of the posting I just saw I think you right in the middle on this one. Good luck, Steve My 0.2 Canadian cents Bill Need a new email address that people can remember Check out the new EudoraMail at http://www.eudoramail.com --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- RE: Oh Dear, Where to start?!, (continued)
- RE: Oh Dear, Where to start?! altug (Jun 27)
- Re: Oh Dear, Where to start?! chayden (Jun 26)
- Re: Oh Dear, Where to start?! Nicholas Diotte (Jun 26)
- RE: Oh Dear, Where to start?! sharon_joyner (Jun 26)
- RE: Oh Dear, Where to start?! Drew Hunt (Jun 26)
- Re: Oh Dear, Where to start?! Chris Berry (Jun 26)
- RE: Oh Dear, Where to start?! AKaasjager (Jun 26)
- RE: Oh Dear, Where to start?! tony tony (Jun 27)
- RE: Oh Dear, Where to start?! Mitchell Rowton (Jun 26)
- Fwd: Oh Dear, Where to start?! Rick Jones (Jun 26)
- Re: Oh Dear, Where to start?! Bill Hardstone (Jun 26)
- RE: Oh Dear, Where to start?! AKaasjager (Jun 27)
- Re: Oh Dear, Where to start?! Paul Hawkinson (Jun 27)
- RE: Oh Dear, Where to start?! alex.mole@realtimeworlds (Jun 30)
- Re: Oh Dear, Where to start?! Chris Berry (Jun 30)
- RE: Oh Dear, Where to start?! James Baumgardner (Jun 30)
- RE: Oh Dear, Where to start?! Brad Griffin (Jun 30)