Incident classification is based on the judgement of the information security professionals involved. How would you determine if any given circumstances is business as usual, an incident or a disaster?
Classifying information securtiy incidents is normally done into three categories business as usual, an incident or a disaster. Business as usual means incidents which occur in the normal course of an activity, mainly in circumstances that occur on a day-to-day basis. These may just be small events which happen daily. An incident would be an occurrence or event which interupts normal procedures, this type of event would not occur on a daily basis. It would be events which occur from time to like security threats or warnings. A disaster on the other hand would be an event which causes widespread destruction and distress, this may occur if the whole information security system is taken out, major amounts of information stolen or a major breach of security.
It's often said that information security begins with solid policy. Why is this so?
A policy is desribed as a principle or rule to guide decisions and achieve rational outcomes. Which this kept in mind if managers use solid policy to guide them when dealing with infomation security they should be able to make more informed and educated decisions. Thus leading to more successful information security and protection of their information.
Keeping policy current is critical. How do you think policy needs to be updated to accomodate current events? Give examples where possible.
Policy needs to be continuously controlled and monitored to accomodate current events as technology is forever evolving and growing, organisation's policy must stay constantly new and with the times to ensure they can plan their security measures and processes. All sorts of new attacks and threats are occuring daily, these need to be countered by organisation's to ensure they are not vulnerable to any threats.
No comments:
Post a Comment