Dan Swanson’s Security Resources: #4
My fourth column provides another diverse collection of leading resources.
This week’s question: “How prepared is your organization?” If you have any concerns about the robustness of your disaster recovery, business continuity, and/or emergency management capabilities, I’d strongly recommend you check out the Canadian Centre for Emergency Preparedness.
Studying for your CISSP? The CCCure.Org web site is the place to go!
Feeling you need to ramp up your security training efforts? Check out ISC2’s comprehensive educational resource guide.
Finally, have you been questioning who is responsible for information security lately? Study the views of an internal auditor.
Enjoy.
Good luck and have another great week.
Dan Swanson
Dswanson_2005@yahoo.com
1. The (ISC)² 2007 Resource Guide for Today’s Information Security Professional - Global Edition provides the latest resources in educational references, year-long events listings and leading industry sponsors all in one handy downloadable reference guide.
2. The Systems Security Engineering Capability Maturity Model (SSE-CMM) was developed to advance security engineering as a defined, mature, and measurable discipline. It describes the characteristics essential to the success of an organization’s security engineering process, and is applicable to all security engineering organizations including government, commercial, and academic.
3. CCCure.Org: The CISSP, SSCP, CISM, CISA, ISSPCS, and SANS GIAC GCFW Open Study Guides Web site is dedicated to helping people achieve their goal of becoming a CISSP, SSCP, CISM, CISA, ISSPCS, or GCFW. Over the years it has become a vast container of resources that can assist you in mastering the domains of the specific Common Body of Knowledge related to each of the above certifications.
4. Ask the Auditor: Who is Responsible for Information Security?
The Auditor Responds: In short, the board of directors, management (of both staff and business lines) and internal audit functions all have significant roles in auditing information security. The big question for many companies is how these stakeholders should work together to ensure that everything that should be done to protect sensitive data is being done — and that the company’s key assets are protected appropriately.
5. The Canadian Centre for Emergency Preparedness (CCEP) is a not-for-profit organization based in Canada and devoted to the promotion of emergency risk management to individuals, communities and organizations, in both government and the private sector, with the aim of reducing the risk, impact and cost of natural, human-induced and technological disasters. CCEP’s objectives are to raise awareness of the increasing risks of disasters, promote the need for sound disaster management practices and disseminate information on the availability of professional expertise and resources, including technology.
6. What Should Your Business Continuity Efforts Focus On?
A Reader Asks: Should your business continuity program (BCP) consider the impacts of emerging threats and changing business practices, and what are the key issues involved today?
The Auditor Responds (Short answer): Your BCP and disaster recovery programs should be designed to respond to a wide variety of potential incidents, covering both man-made disasters, such as power-grid or environmental control failures, and natural disasters, such as hurricanes and mass staff outages due to epidemics.
The long answer: http://www.itcinstitute.com/display.aspx?ID=2090
