When you ask who could help, think about what security means to you. The clear definition of your security objectives in light of your business trust environment is key. Without this, IT security becomes a minefield of salesman claiming their product as the wonder palliative to the latest publicised threats.
Many consultancies sell products, with their staff being little more than product installers. Other advisers (often auditors) will happily derive a risk assessment and security policy with no experience of the operational costs or risks of developing the implied security architecture. Often they run through elaborate security risk methods which obscure the reasoning. This also makes the assessment difficult to cater with changes in the objectives, threats or vulnerabilities.
Thus, to review information security or conduct a re-useable risk assessment and devise the security architecture requires:
- Operational and technical development experience
- Security evaluation experience
- Policy and risk assessment experience in government or commercial fields
- Unbiased advice
| < Prev | Next > |
|---|
Who's Online
News Flash
-
Size Zero IT - Service Release
Flexible Computing's Latest Innovation on IT Development - Size Zero IT
We have created a new unique service to assist any established or start up company to develop new IT services. We can provide the following services for no startup costs;
Read more... Link -
10K Virtuoso's
Super Powered Hopeful Individual - Individually Capable of Changing the World
I was asked the other day 'What would you describe as the key aspect of an Enterprise Architect role?' and in a separate conversation 'What did you do before you got into IT?'After a little thought and watching an inspiring presentation by Jane McGonigal a 'Super Powered Hopeful Individual' because;
Read more... Link