9/30/2004

Six Secrets of Highly Secure Organizations

This article from CIO Magazine offers these six suggestions, gleaned from the survey responses of more than 8,000 CEOs, CFOs, CIOs, CSOs, vice presidents, and directors of IT and information security from 62 countries on six continents:

1. Spend more.
2. Separate information security from IT and then merge it with physical security.

Over the course of the next year:

3. Conduct a penetration test to patch up network and application security.
4. Create a comprehensive risk assessment process to classify and prioritize threats and vulnerabilities.
5. Define your overall security architecture and plan from the previous three steps.
6. Establish a quarterly review process, using metrics (for example, employee compliance rates) to measure your security's effectiveness.

Recommended by DennisKennedy