Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Also, it goes without saying that anyone hired in an important position like this one should have a wealth of experience and knowledge pertaining to information technology and information security (Slater, p. 2).
The broad spectrum of activities a CSO must engage in Author Tyler Justin Speed explains that while it security staff can be counted on for the most part to protect stored digital data, unless the chief of security is fully aware of the potential for "internal threats" he or she is missing the boat. In other words, employees with access to server rooms can access databases, computers, routers, monitors and other "physical parts of the network infrastructure" (Speed, 2012). Speed insists that it doesn't matter "…how good the firewall installed at a network's gateway to the Internet is; if a computer's disk drive is not physically protected," a person who is not authorized can upload "malicious software" into one of the network's computers. All the date contained in that computer hard drive will then be compromised, Speed explains. Hence, the CSO must take great pains to protect network data from employees. '
How the CSO can be reasonably assured that new hires are honest: a) there must be a very thorough background check (it costs the company money); b) the applicant must be given a "skills assessment test" to determine what he or she knows about digital technology; c) references must be checked thoroughly; d) once vetted, the new hire needs to be well trained by security and administration professionals; and e) a "culture of security awareness" needs to be established (Speed).
Moreover, information security should not be entirely in the hands of the CSO; indeed, organizations...
The information security community is there to protect information assets; the it community is there to support "the business objectives"; and the nontechnical business community is there to articulate and communicate the polices and the mission of the organization (Whitman).
In conclusion, this is an age in which malicious criminals have the capability to hack into just about any so-called secure server in any country at any time. So the company not fully conversant with the need to have three groups of professionals -- or a program similar to what Whitman describes -- is in jeopardy of being violated. If digital interlopers can hack into government servers that are supposed to be immune to such attacks, those same interloper criminals can surely find a way to steal digital data and company secrets from corporations as well.
Works Cited
Slater, Derek. (2011). What is a Chief Security Officer? Increasingly, Chief Security Officer
means what it sounds like: The CSO is the executive responsible for the organization's entire security posture, both physical and digital. CSO Online. Retrieved June 26, 2013, from http://www.csoonline.com.
Speed, T.J. (2012). Asset Protection Through Security Awareness. Boca Raton, FL: CRC
Press.
Whitman, M.E., and Mattord, H.J. (2010). Management of Information Security. Independence,
KY: Cengage Learning.
Works Cited
Slater, Derek. (2011). What is a Chief Security Officer? Increasingly, Chief Security Officer
means what it sounds like: The CSO is the executive responsible for the organization's entire security posture, both physical and digital. CSO Online. Retrieved June 26, 2013, from http://www.csoonline.com.
Speed, T.J. (2012). Asset Protection Through Security Awareness. Boca Raton, FL: CRC
Press.
They need to know what their responsibilities are not only as individuals but also as team members and corporate employees. David cites an excerpt from a corporate security document that illustrates his point: "A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and
Securities Regulation SECURITIES REGULARIZATIONS IN NON-PROFIT ORGANIZATIONS The ensuring of the fact that an organization is working as per regulations and is following the code of conduct, while keeping the interest of the public first, are matters which are becoming more and more complicated with the passage of time. Therefore, it can be said with some emphasis, that today one of the most basic issues of many organizations is the issue of
Security Management Strategies for Increasing Security Employee Retention Design Effective Job Characteristic Model Skill Variety Task Identity and Task Significance Autonomy and Feedback Meeting Expectations Market Competitive Package Strategies for Increasing Security Employee Retention Security employees constitute the most important component of organizational workforce. It is because; they ensure the core survival of organization and its assets. However, the ironic fact is the security employees are considered blue collar workers and their compensation packages are low (Hodson & Sullivan,
Roles of a Police Psychologist in an Investigation The following paper describes the roles played by a police psychologist in an investigation of a situation in which a former police officer has been killed. The police force constantly takes risks to save the lives and belongings of the people they serve. This force is known for its bravery and courage but when a situation involves the homicide of a former member
Security Monitoring Strategies Creating a unified, enterprise-wide security monitoring strategy for any organization must be based on a series of strategic goals and objectives that encompass every functional area and system of a business. The intent of this analysis is to define the objectives that must anchor a security monitoring strategy to ensure its success, followed by specific recommendations for security monitoring of each major functional area. Defining Security Monitoring Strategies For an
Security Management The role of a security manager varies widely according to the particular organization and its needs, but despite this variety, there remain certain best practices and policies that can help maintain security and stability. This is nowhere more true than in the case of organizational loss, because while loss can mean widely different things depending on the field, the underlying theoretical concepts which inform attempts to minimize loss are