Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
INTERNET SECURITY ALLIANCE RELEASES BEST PRACTICES MANUALSource: Security Wire DigestPosted on July 29, 2002 In an effort to raise the bar on corporate cybersecurity standards, the Internet Security (IS) Alliance released a report last week at the National Press Club in Washington, D.C., urging top management to get actively involved with their Internet security policy. "A Common Sense Guide for Senior Managers: Top 10 Recommended Information Security Practices," identifies and standardizes processes in Internet security and information survivability. It also establishes decision-making guidelines for those who previously haven't been involved in such matters. "Corporate America must learn that security is not a one-time activity, but a continuous, risk-managed process that involves all aspects of the company's operations and assets," the report states. "One of our biggest challenges is to educate managers who aren't in the security business," says Dr. William Hancock, chairman of IS Alliance and chief security officer at Exodus, a service of Cable & Wireless. "Many companies believe they have adequate Internet security, but in reality, there's no structure in place." IS Alliance Executive Director Dave McCurdy agrees: "This is why it's imperative that senior management be at the helm of this initiative; they're ultimately responsible for their network's security." The guide advocates safe practices, such as using access controls at all levels of IT, regularly verifying the integrity of software, and assigning responsibility throughout the company for reporting and responding to network incidents. "We also include thought-provoking questions for top executives," explained Kevin Nixon, a coauthor of the guidelines. "Questions like 'What company assets are most securely protected and why?' and 'Who is responsible?' are the types of inquiries that enterprise leaders should be approaching their IT managers with," he says. The IS Alliance is a consortium of representatives from major companies such as AIG Insurance and Visa, that collaborates with the Carnegie Mellon Software Engineering Institute to develop and advocate information security standards. A free copy of the guide is available at www.isalliance.org.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |