During the last SLP report on information security management, the concerns about the organization's VPN were discussed. In this module, however, we would like to use a big brush and, with wide strokes, examine the impact of continuous monitoring on information security systems. While the VPN issues are important, they actually point to a bigger concern for the organization. This article will focus on two areas of information security systems: “continuous monitoring” and “security awareness”. It is widely accepted that in order to fix a problem, there must first be an acknowledgement that a problem exists. This is certainly not the case with the organization of which we speak. It could be seen as the blind leading the blind when it comes to various areas of information security. So the question is: how can one address the challenges and still build a proper information security program, considering the concepts of continuous monitoring and security awareness?
The Issue
Looking at the overall information security system structure as a whole, one would have to conclude that this organization has fallen victim to the theory that technology is enough; in other words, that relying on technology alone will be enough to provide the security needed. The culture as well as the belief of the organization is that because a system exists, all is well within. This thinking means that as long as an information security system is in place then the…

