Security Basics mailing list archives

RE: InfoSec Importance

From: "Andrew Chong" <andrewjw () singnet com sg>
Date: Sat, 3 Jun 2006 00:57:20 +0800


Does your company has a Internal IT Audit department or had engaged
external IT Auditors? If yes, talk to them and they will convince your
management.

Companies often want to save cost and always look at the ROI whenever
money is to be spent. If you want to show the ROI of hiring a IT
Security Officer, it is very difficult to predict the impact of the risk
until it actually happen. Using regulations requirement is the best way
to go. i.e. Basel I/II, Sarbanes Oxley, etc.

Regards,
Andrew Chong, CISSP (Singapore)

-----Original Message-----
From: Mohamad Mneimneh [mailto:mmneimneh () comium com] 
Sent: Friday, June 02, 2006 3:39 PM
To: security-basics () securityfocus com
Subject: InfoSec Importance
Importance: High


Hi List,

I am trying to convince my management of the importance of having a
security officer in the enterprise. I have googled the topic, but not
much was found. I would really benefit from your suggestions on how to
approach the management.

-Mohamad.
************************************************************************
***********************************************************
No employee or agent is authorized to conclude any binding agreement on
behalf of Comium with another party by e-mail without expressed written
confirmation by an officer of Comium. Any views expressed by an
individual in this electronic message do not necessarily reflect views
of Comium or its subsidiaries and associates. This electronic message
and its attachments are solely addressed to the addressee's, and contain
confidential information protected from disclosure belonging to Comium.
If you are not the intended addressee of this electronic message and its
attachments, kindly delete it immediately from your system and notify
the sender by electronic mail. You must not copy this message or
attachment or disclose its content to any other person. Comium does not
guarantee the integrity of this electronic message and any of its
attachments, or that they are free from computer viruses or other
defects.
************************************************************************
************************************************************

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.8.1/354 - Release Date: 6/1/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.8.1/354 - Release Date: 6/1/2006

Current thread:

How can I track this down? Nick Duda (Jun 01)
- RE: How can I track this down? Roger A. Grimes (Jun 01)
  - Re: How can I track this down? ilaiy (Jun 01)
    - InfoSec Importance Mohamad Mneimneh (Jun 02)
    - RE: InfoSec Importance Andrew Chong (Jun 02)
    - RE: InfoSec Importance David Gillett (Jun 02)
    - Re: InfoSec Importance Nick Owen (Jun 02)
    - Re: InfoSec Importance Chris Dalton (Jun 05)
    - RE: InfoSec Importance SS (Jun 02)
    - Re: InfoSec Importance infosecadmin (Jun 05)
  - RE: How can I track this down? Gino T. Genari (Jun 07)
    - RE: How can I track this down? Erin Carroll (Jun 09)
- RE: How can I track this down? Burton Strauss (Jun 02)
- <Possible follow-ups>
- RE: How can I track this down? Portz, Jon (Jun 01)
- Re: RE: How can I track this down? dlong (Jun 02)