Security Basics mailing list archives
Re: How to create security awareness in top management
From: "Alexander Bolante" <alexander.bolante () gmail com>
Date: Tue, 3 Oct 2006 10:30:47 -0700
Is governance, legal and regulatory compliance a business driver for Top Management? If so, you should consider including them in your preso: - SOX - HIPAA - Gramm Leach Bliley - European Data Protection Directive - etc. Definitely mention factoids about information security like "it remains a top 5 CIO issue" or pull some latest statistics from Gartner, Forrester, etc. Information security is a set of activities driven by business policy that minimize the business costs (risk) of damage to information assets in all forms. You may also want to talk more about activities of secure information handling and provide relevant examples: Authentication: I know who I am talking to. Administration: I can set the rules. Authorization: I can enforce the rules. Availability: The system is there when I need it. Asset Protection: I can prevent modification/disclosure in transit or in storage. Accountability: I know who did what and when. Assurance/Auditability: The system is working the way I think it is, and I can prove it. The other elements suggested by the rest of this forum are a great start for you. Good luck! Cheers! Alexander On 10/2/06, William Woodhams <William.Woodhams () wegmans com> wrote:
Depending how much time you have you can show how insecure your company is by showing real attacks and information that could be Easley acquired. Also possibly deface the "test" public site and bring it up is another idea. This is just showing them that hey we are vulnerable. Bill Woodhams Systems Technician Development Group-Technical Systems (585)429-3183 William.Woodhams () wegmans com Newcastle United signs Michael Owen...Enough Said! -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of itsec.info Sent: Monday, October 02, 2006 1:02 PM To: security-basics () securityfocus com Subject: How to create security awareness in top management Hi all I have got a job to make top management aware that their company must take care about information security (presentation and discussions). I will not go into too much technical details and I would like to start with some good stories which show in an easy and understandable way that information security is needed. Does anybody has some information where I can take out some good ideas to start with? -- Any help is very much appreciated. Regards, Mike ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- DISCLAIMER This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: How to create security awareness in top management, (continued)
- Re: How to create security awareness in top management Petrus Repo (Oct 03)
- Re: How to create security awareness in top management David Jacoby (Oct 10)
- Re: How to create security awareness in top management itsec.info (Oct 11)
- Re: How to create security awareness in top management Saqib Ali (Oct 11)
- Re: How to create security awareness in top management Rubén Aquino Luna (Oct 12)
- RE: How to create security awareness in top management Ryan Counts (Oct 12)
- RE: How to create security awareness in top management David Gillett (Oct 13)
- Re: How to create security awareness in top management David Jacoby (Oct 13)
- Re: How to create security awareness in top management itsec.info (Oct 11)
- RE: How to create security awareness in top management William Woodhams (Oct 03)
- Re: How to create security awareness in top management Steve Hillier (Oct 03)
- Re: How to create security awareness in top management Alexander Bolante (Oct 03)
- Re: How to create security awareness in top management Davejess (Oct 03)
- RE: How to create security awareness in top management anyluser (Oct 03)
- Re: How to create security awareness in top management crazy frog crazy frog (Oct 03)
- RE: How to create security awareness in top management Mohamad Mneimneh (Oct 04)
- Re: Re: How to create security awareness in top management paavan23 (Oct 13)