Creating and maintaining an effective information security apparatus has always been a challenging task for security experts. This is particularly true within organizations that process sensitive customer data such as financial and health related information. With IT (Information Technology) security strategy in mind, organizations have to devise strategies that would enable them to operate in a safe environment and protect customer data. Bill Stackpole & Eric Oksendahl in their book "Security Strategy: From Requirements to Reality", lists the nine principles that security strategists must take into account before finalizing the security strategies for their organizations. This paper will explain the following three principles.
Observation …show more content…
However, mere detection does not provide the comprehensive analysis of the threats. Additional information such the origin and the intention of the threat are equally important. Moreover, a bigger attack could be preceded by small sniffing attacks to gauge the weakness in the security. Effective monitoring tools should be capable of detecting these forms of attacks, analyzing their intent and determine the scope of damage that could be caused in case of a security breach. Attacks such as DDoS (Distributed Denial of Service) target servers by sending large numbers of connection requests within a short span of time, which renders the server unresponsive. IT strategists should not only take into account the response in such events but how such attacks could be identified early on so that other backup systems could be made operational to service genuine requests. The observation principle also lays special emphasis on the identification of threats and the training of security analysts to detect suspicious behavior in the least possible time. Hackers typically do not repeat a particular style of attack again once it is used against an organization. Security analysts should be trained to detect newer and smarter forms of attacks as …show more content…
To thwart any attack, the security apparatus must be ready to deal with security challenges as they arise. Organizations usually miss this important point and lack effective coordination when there is a security breach. To mitigate any security breaches or attacks from within the organization, organizations could implement procedures such as maintaining an effective access control mechanism, encrypting sensitive information and implementing an authorized-only-device policy in the organization. Organizations could also carry out disaster recovery drills to understand the weaknesses in the security apparatus and identify the best course of actions in case of emergencies. The plans should be detailed enough to provide a comprehensive defense against an attack. Incident managers should be well versed with the emergency protocols such as coordination, information sharing and backup procedures that are necessary under such circumstances.
These principles provide security strategists the necessary guidelines to implement an effective security apparatus. With data security becoming one of the top concerns for organizations that handle sensitive customer information, it is important that security analysts look at the holistic picture of the security landscape rather than having a narrow scoped approach to protect and improvise their security
Observation …show more content…
However, mere detection does not provide the comprehensive analysis of the threats. Additional information such the origin and the intention of the threat are equally important. Moreover, a bigger attack could be preceded by small sniffing attacks to gauge the weakness in the security. Effective monitoring tools should be capable of detecting these forms of attacks, analyzing their intent and determine the scope of damage that could be caused in case of a security breach. Attacks such as DDoS (Distributed Denial of Service) target servers by sending large numbers of connection requests within a short span of time, which renders the server unresponsive. IT strategists should not only take into account the response in such events but how such attacks could be identified early on so that other backup systems could be made operational to service genuine requests. The observation principle also lays special emphasis on the identification of threats and the training of security analysts to detect suspicious behavior in the least possible time. Hackers typically do not repeat a particular style of attack again once it is used against an organization. Security analysts should be trained to detect newer and smarter forms of attacks as …show more content…
To thwart any attack, the security apparatus must be ready to deal with security challenges as they arise. Organizations usually miss this important point and lack effective coordination when there is a security breach. To mitigate any security breaches or attacks from within the organization, organizations could implement procedures such as maintaining an effective access control mechanism, encrypting sensitive information and implementing an authorized-only-device policy in the organization. Organizations could also carry out disaster recovery drills to understand the weaknesses in the security apparatus and identify the best course of actions in case of emergencies. The plans should be detailed enough to provide a comprehensive defense against an attack. Incident managers should be well versed with the emergency protocols such as coordination, information sharing and backup procedures that are necessary under such circumstances.
These principles provide security strategists the necessary guidelines to implement an effective security apparatus. With data security becoming one of the top concerns for organizations that handle sensitive customer information, it is important that security analysts look at the holistic picture of the security landscape rather than having a narrow scoped approach to protect and improvise their security