Dailydave mailing list archives
Information Security Principles
From: gf gf <unknownsoldier93 () yahoo com>
Date: Wed, 10 Mar 2004 23:18:34 -0800 (PST)
I recently had the opportunity to meet with the head of IT Security for a large government agency. Although he didn't seem to be an expert on the technical details (no surprise there), I must admit that it was enlightening to see how he viewed things: talking about the goals of security (availability, authenticity, and confidentiality), risk assessment and management (see http://www.microsoft.com/technet/itsolutions/msit/security/mssecbp.mspx for a good use of this), security policies, and methodologies. I realize now that my training and experience have been mainly in the low level, applied end - what most of us would consider the meat - protocols, app security, OS internals, etc. I'd like to expand my horizons a bit, and look at things from the other end - more general, more abstract - getting the bigger picture on information security. Yes, we tend to write these things off as fluff - but there is something to be said for them, as well. What does everyone think about this? Could anyone recommend a good book on these topics? __________________________________ Do you Yahoo!? Yahoo! Search - Find what youre looking for faster http://search.yahoo.com _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Information Security Principles gf gf (Mar 11)
- Re: Information Security Principles jeremy (Mar 11)
- RE: Information Security Principles Mike Bailey (Mar 11)
- Re: Information Security Principles Richard Thieme (Mar 11)
- Re: Information Security Principles jeremy (Mar 11)