"Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." — Gene Spafford (in e-mail to organizers of a workshop on insider misuse)
For any organization, security is the collection of technologies, standards, policies, regulations and management practices that are applied to systems and respective data points to keep them secured. In my earlier blog post 7 Reasons No Company Can Afford To Ignore Security, I shared why organizations can no longer afford to ignore security. It's important for organizations to have a proactive security strategy in place for reasons inclusive of:
- Present business operations of an organization increasingly vulnerable to risk,
- Security threats from mobile & web interactions with corporate systems,
- Ever-expanding regulations, and
- International access points requiring organizations to be complaint with regulations and law of the land
6 Steps Strategizing Security In The Organization
As technology becomes core for any business, organizations are becoming more dependent on their information systems, threats to public and personal data are more real. It's becoming increasingly important to strengthen strategy for Security, Risk and Compliance.
I will be sharing more inputs on Information Security including how to align Secured Software Development Lifecycle (SDLC) using Agile or Waterfall methodology and how security can be trained, initiated, planned, analyzed, designed, implemented and maintained. Meanwhile let us know if you have any questions or comments. For any questions, please reach out to me at firstname.lastname@example.org.