The Experts below are selected from a list of 30 Experts worldwide ranked by ideXlab platform
John Mallery - One of the best experts on this subject based on the ideXlab platform.
-
chapter 1 building a secure organization
Computer and Information Security Handbook, 2009Co-Authors: John MalleryAbstract:Publisher Summary Building a secure organization is important to long-term success. When a business implements and maintains a Strong Security Posture, it can take advantage of numerous benefits. An organization that can demonstrate an infrastructure protected by robust Security mechanisms can potentially see a reduction in insurance premiums being paid. A secure organization can use its Security program as a marketing tool, demonstrating to clients that it values their business so much that it takes a very aggressive stance on protecting their information. Security breaches can cost an organization significantly through a tarnished reputation, lost business, and legal fees. Numerous regulations, such as the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act, and the Sarbanes-Oxley Act, require businesses to maintain the Security of information. Security, by its very nature, is inconvenient, and the more robust the Security mechanisms, the more inconvenient the process becomes. Most Security mechanisms, from passwords to multifactor authentication, are seen as roadblocks to productivity. Despite the benefits of maintaining a secure organization and the potentially devastating consequences of not doing so, many organizations have poor Security mechanisms, implementations, policies, and culture.
-
Chapter 1 – Building a Secure Organization
Computer and Information Security Handbook, 2009Co-Authors: John MalleryAbstract:Publisher Summary Building a secure organization is important to long-term success. When a business implements and maintains a Strong Security Posture, it can take advantage of numerous benefits. An organization that can demonstrate an infrastructure protected by robust Security mechanisms can potentially see a reduction in insurance premiums being paid. A secure organization can use its Security program as a marketing tool, demonstrating to clients that it values their business so much that it takes a very aggressive stance on protecting their information. Security breaches can cost an organization significantly through a tarnished reputation, lost business, and legal fees. Numerous regulations, such as the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act, and the Sarbanes-Oxley Act, require businesses to maintain the Security of information. Security, by its very nature, is inconvenient, and the more robust the Security mechanisms, the more inconvenient the process becomes. Most Security mechanisms, from passwords to multifactor authentication, are seen as roadblocks to productivity. Despite the benefits of maintaining a secure organization and the potentially devastating consequences of not doing so, many organizations have poor Security mechanisms, implementations, policies, and culture.
Brian T. Contos - One of the best experts on this subject based on the ideXlab platform.
-
Chapter 12 – Insiders Abridged
Enemy at the Water Cooler, 2020Co-Authors: Brian T. ContosAbstract:Publisher Summary This chapter illustrates Security issues caused by an insider. It exemplifies the malicious use of medical records and the preventive measures taken by hospitals. Currently, they have a Strong Security Posture with excellent Security analysts, Security awareness programs, and an ESM deployment that monitors all network access points, critical servers, and access control systems. The Security director receives an ESM automated report every morning outlining all instances of patient record access. The chapter explains hosting of pirated software and its affect on the user. Ever since computer systems have become portable and handy, there has been the possibility of people walking away with them. Many of the removable media devices such as USB key fobs, CD/DVDs, PDAs, phones, and media players, including iPods could be used to steal gigabytes of data in a relatively short time (and are much easier to conceal than a file server). The chapter also enlists the measures that can be taken to prevent such theft. The theft and auctioning of a state government agency's property are also discussed. Writing code for another company, outsourced insiders, and an employee of the Philadelphia Mint developing a scam to steal gold coins are issues that are focused in the conclusion of the chapter.
Kristof Van Der Auwera - One of the best experts on this subject based on the ideXlab platform.
-
ISSE - Demystifying SAP Security
Innovations in Systems and Software Engineering, 2020Co-Authors: Kristof Van Der AuweraAbstract:This article attempts to demystify the feature-rich SAP Security functions, to demonstrate how they can cooperate to build a Strong Security Posture, and how to avoid some classic pitfalls.
Pak-chuen Chin - One of the best experts on this subject based on the ideXlab platform.
-
Defining Southeast Asia's Defense Posture amidst Challenging Times
2012Co-Authors: Pak-chuen ChinAbstract:Abstract : This paper explores the Southeast Asian Security landscape since the end of the Second World War. It will focus on two collective frameworks that have emerged from the cooperative efforts of the countries in the region to deal with the flux of Security issues. These are the Association of Southeast Asian Nations (ASEAN) and the ASEAN Regional Forum (ARF). They constitute the central reference mechanisms in defining the region's Security Posture. The paper will next examine how the "non-interference" policy has become an inadequate principle for ASEAN and ARF as the region progresses into the 21st century. Its inadequacy is explored in relation to three "unconventional shocks": the 1997 financial crisis, the 1999 East Timor hostility crisis, and the 2002 Bali terrorist bombings. It also will examine how the notion of a "pre-emptive" U.S. foreign policy creates an increasing sense of uncertainty about the region's future Security relationship with the United States, especially when Al Qaeda-linked terrorists are attempting to establish their footholds within the region. Today, as Southeast Asia stands at the threshold of the 21st century, there is an increasing need to transform the ARF fundamentally to continue to project a Strong Security Posture amidst such challenging times. A new vision for the ARF is proposed in response to the new challenges. The vision calls for a bold "three-pronged" transformation to take place at three distinct levels of the ARF: Principle, Process, and Perspective. The final part of the paper will examine the details of this transformation roadmap that promises to revamp the region's Security Posture.
Brian Michael Kenyon - One of the best experts on this subject based on the ideXlab platform.
-
Security Battleground An Executive Field
2012Co-Authors: Brian Michael KenyonAbstract:Security has evolved from a tactical IT concern to boardroom-level dilemma. This transition has challenged many executives who are now obligated to protect their organization's critical assets. Security Battleground: An Executive Field Manual provides guidance to any executive who find themselves shouldering oversight responsibility for information Security. The Security Battleground team-of-authors designed this book to provide practical advice for Security-obligated executives, that is, for business executives with or without formal backgrounds in Security processes or technologies. Security Battleground provides ways in which executives can evaluate information Security with a mix of examples, exercises, and lessons learned. The case studies and exercises are based on the authors' extensive hands-on experience with Security-obligated executives, Chief Information Security Officers (CISOs), and members of Security teams. Reader Quotes "Refreshing! Finally a playbook that moves beyond the technical Security stalemate by providing a strategic map for partnering, prioritizing and funding a successful Security campaign. Security Battleground is the comprehensive field guide for assessing the full landscape and fighting the right battles." - Denise Wood, CVP & Chief Information Security Officer, FedEx Corporation "Having worked with this team for years, I believe that sharing their experiences in this format can help executives succeed. This book speaks to the current pressures and challenges that executives face in dealing with Security. It takes a practical approach that balances a Strong Security Posture with a viable business strategy. Security Battleground reaffirms my own belief that Security planning must be based on a thorough understanding of the business to be effective." - Gene Fredriksen, CISO, Tyco "The Security Battleground authors have amassed years of experience as trusted advisors for CSOs and CISOs around the globe. The result is a goldmine of knowledge for non-technical executives who have an obligation to ensure corporate Security." - Brett Wahlin, CSO, Sony
