Forums: Technet Fights Security Ignorance - Forums


Technet Fights Security Ignorance

#1 User is offline   Blake 

  • Former Commander In Chief
  • Group: Retired General
  • Posts: 7,317
  • Joined: 24-September 02

Posted 09 December 2003 - 01:15 PM

One of the most common complaints I hear from IT pros concerns the lack of knowledge (OK, the ignorance) of company executives regarding information security. For many CEOs and high-level executives, security is at best barely understood and at worst completely misunderstood. Some execs tolerate security procedures and expenses, while others view them as a cost with no possible return.

Bridging this knowledge gap can be extremely difficult for any IT manager. After all, you usually can't get away with calling your CEO ignorant. And trying to explain security preparedness technically to your boss can go nowhere fast. more>>

#2 User is offline   gman24 

  • Specialist
  • Group: Specialist
  • Posts: 643
  • Joined: 21-October 03

Posted 09 December 2003 - 01:45 PM

Ya, that's true, run into that a lot. Even when they call us because their network has been compromised, some of them still refuse to budge on certain issues (the situation makes most of them more receptive to changes though). Well, not exactly CEOs but the higher-ups that make the decisions, same situation though.

It's good that someone is doing something. Thanks for the article :).

#3 User is offline   Blake 

  • Former Commander In Chief
  • Group: Retired General
  • Posts: 7,317
  • Joined: 24-September 02

Posted 10 December 2003 - 05:34 PM

np we all have similar issues :lol:

#4 User is offline   Jeremy 

  • Commander in Chief
  • Group: Admin
  • Posts: 2,345
  • Joined: 14-May 03

Posted 11 December 2003 - 07:09 PM

Quote

The situation makes most of them more receptive to changes though


I remember an old thread in this forum some time back where we were debating if staging/creating an attack was beneficial and whether the benefits outweighed the ethics of doing so. It was pretty interesting. I'll try to dig it up.
Your time is limited, so don't waste it living someone else's life. Don't be trapped by dogma - which is living with the results of other people's thinking. Don't let the noise of others' opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary.
~Steve Jobs

Jeremy aka w00dy aka foadah

#5 Guest_H4xorHunt3r_*

  • Group: Guests

Posted 12 December 2003 - 04:36 AM

That would be an interesting read w00dy. The thought of staging an attack on your own networks, to prove a point, while appealing on some level, it is only appealing in some sort of perverse way. I vaguely remember hearing someone at COMDEX talking about a return on investment guide to IT security, let me see if I kept a copy, or a link. Probably involves less possible cell time anyways.
Cheers

#6 User is offline   Blake 

  • Former Commander In Chief
  • Group: Retired General
  • Posts: 7,317
  • Joined: 24-September 02

Posted 13 December 2003 - 02:33 PM

If you are looking for the ROI on IT article you can find it in the security focus archives ;-)

#7 Guest_H4xorHunt3r_*

  • Group: Guests

Posted 18 December 2003 - 11:12 AM

Must have read my mind .. or googled it. Thanks mate ... I had completely forgotten to reply with the link.
h**p://www.securityfocus.com/infocus/1715
Cheers

#8 User is offline   Spookie 

  • Staff Sergeant
  • Group: Specialist
  • Posts: 293
  • Joined: 21-December 03

Posted 05 January 2004 - 05:45 PM

Some info I've found to be helpful is to develop separate reports to coincide with a PowerPoint for not only the CEO but for the CFO and the CIO as well.

Each Department head will have a big share of the responsibilities as the CEO will check with the CFO for the all important $$$ of big/small businesses and the CIO will be the one who will designate a point of contact for the window of testing and basically will be under review.

Some CIOs feel a bad report will be a resume generating moment and that's a hard obstacle to overcome. But the ppt should be tailored for the CIO so the SysAdmins can see the benefit of the test and by laying out the ground rules and target zone it will allow the SysAdmin and the CIO to develop the warm and fuzzy feeling of "They're here to help".

Just my 2 cents worth on the subject - hope it helps those who prep for the presentations.
Beauty is only a light switch away