[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security team objectives

Subject: Security team objectives
From: bill at herrin.us (William Herrin)
Date: Tue, 31 Jul 2018 14:37:10 -0400
In-reply-to: <CAOLsBOtVTZc6SfFSTHeVF4JOddYvO2zmA2DOQP3EAW2tD0Auag@mail.gmail.com>
References: <CAOLsBOtVTZc6SfFSTHeVF4JOddYvO2zmA2DOQP3EAW2tD0Auag@mail.gmail.com>

On Mon, Jul 30, 2018 at 12:43 AM, Ramy Hashish <ramy.ihashish at gmail.com> wrote:
> If you are going to start a security team in a newly founded IT
> organization, what will the objectives/results be?

Hi Ramy,

Sounds like you're putting the cart before the horse. Understand your
security objectives first. That will determine the nature of the
security team or indeed, if there should be a specific security team
at all or some other security structure.

Some common security objectives include:

* Compliance with customer and vendor requirements

* Loss prevention

* Avoidance of legal liability for system compromise

* Avoidance of brand damage due to system compromise

* Operations continuity

Regards,
Bill Herrin

-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

References:
- Security team objectives
  - From: ramy.ihashish at gmail.com (Ramy Hashish)

Prev by Date: YANG daemeon for Linux
Next by Date: Confirming source-routed multicast is dead on the public Internet
Previous by thread: Security team objectives
Next by thread: Security team objectives
Index(es):
- Date
- Thread