Securing the organization , where is the weakest Link? Management
Added On:3/3/2012 11:07:00 AM
The Crac des Chevaliers, Syria is an excellent example of medieval fortification during the Crusader wars and is an excellent representative of the fusion of European and Asian approaches to security.
We are in a similar situation when we look at the cyber wars and the threats we face today, we need to house or organization in a secure environment, where no one can get in and even if they did they should not be able to leave our fortress with our data and other valuable digital assets.
There as similar forts in other parts of the world too including in India like Daulatabad in Aurangabad, Sriringapatnam near Mysore, the Agra Fort to name a few.
All these forts were never conquered by assaulting the fort or in battle all these forts fell to the invading army by treachery.
Many of our information security jargon are derived for the protection used by the old forts the more popular being firewall, demilitarized zone, demarcation of zones, access rights , passwords, two factor authentication, honeypots.
As we glean through history we will find that the weakest link has been the trusted people who aligned with the enemy either willingly or by social engineering with the enemy.
The same applies for our organizational security today; we can bring in the best security solutions but managing them and keeping the organization secure rests squarely on its people.
The CISO and his team alone cannot secure the organization; security is everyone’s business in the organization. We come across organizations where the security policies do not apply to the CEO and Senior Management, there cannot be a more blatant approach to security.Secure the Board and Executive first from cyber attacks they are the most vulnerable, securing the troops who have access to less knowledge is normally taken as the priority. The rules should be same to all since all employees are vulnerable.
Many organizations shun automated tools because they believe it does not work for them, these organizations compromise their security posture. They need to use automated tools, which generate real time alerts and MIS reports on demand and on a given frequency, provide for an audit trial and also archival of incidents and transactional data.
Every person, every device, every I/O port in the network or device is all vulnerable, so is the data, you need to secure every digital artifact in the organization whether at rest or in motion.
Companies who believe a firewall, antivirus and a 16 digit password will secure their organization need to revisit their security architecture and build it again.
Festive season is up with offers and discounts. Taking the benefit of the same, the Californian titan Google is offering Chromebook at $99, discount of $330. The discounted laptop Chromebook has recei...
HCL Infosystems Ltd has announced the buyout of the remaining 40% stake held by the NTS Group in HCL Infosystems MEA. HCL Infosystems Ltd., through its wholly owned subsidiary HCL Insys Pte Ltd., Sing...
Information provided on this page has been independently obtained from sources believed to be reliable. However, such information may include inaccuracies, errors or omissions.ITVoir.com, and its affiliates, information providers or content providers, shall have no liability to you or third parties for the accuracy, completeness, timeliness or correct sequencing of information available on this page, or for any decision made or action taken by you in reliance upon such information, or for the delay or interruption of such information. ITVoir.com,its affiliates, information providers and content providers shall have no liability for investment decisions or other actions taken or made by you based on the information provided.