Why is security so difficult? Adversaries have fewer rules and more resources than most defenders. Today, security focuses on technology, and compliance is driving many security decisions. A risk management program headed by a chief risk officer, can bring a structured, organized approach to your company?s security. It provides feedback loops and checks-and-balance capabilities, ensures appropriate communication and collaboration between risk program and organization, and guarantees that a member from risk management is represented in key organizational activities. Find out the five key elements of a risk management program.
Flash drives containing classified U.S. military data were sold on the cheap in an Afghan bazaar. Laptops were stolen right out of meeting rooms. Smartphones are left in taxis every day. Today's mobile workforce lives and breathes on mobile devices. Learn why and how to protect them and the data they contain.
Information security has become a critical issue within organizations, and a key success factor for businesses. To effectively maintain the integrity and security of an organization's information infrastructure effective security metrics and measures must be developed, implemented and monitored. Learn about enterprise security metrics and the concepts that must be considered when developing, implementing, and monitoring them. Understand how to identify measurable points and activities, develop meaningful metrics and measures and monitor concepts. Case studies and scenarios demonstrate operational scenarios for the benefits and challenges of securing information.
According to this presentation by Getronics, metrics are the key to effective governance. Measuring provides meaningful understanding of business process effectiveness; the ability to mature processes for constant
improvement; and early-warning radar for threats and vulnerabilities.
Outsourcing is a term that is used to generically describe various types of cooperation agreements between two parties. It is when sensitive outsourcing services are organized that nuances emerge, because they can be viewed from different perspectives. They include the distinction between Network and Desktop Outsourcing Services (NDOS) and Business Process Outsourcing (BPO). These are usually multi-year contracts and include services related both to maintaining and managing the environments involved.