A recent survey from CSI includes information about targeted attacks, incident response and the impacts of both malicious and non-malicious insiders. It contains details about respondents' security programs, including budgeting, policies implemented, tools used, satisfaction with security tools and budgets, degree of outsourcing, use of metrics and effects of compliance requirements.
Some key findings:
- Of the approximately half of respondents who experienced at least one security incident last year, fully 45.6 percent of them reported they’d been the subjects of at least one targeted attack.
- When asked what actions were taken following a security incident, 18.1 percent of respondents stated that they notified individuals whose personal information was breached and 15.9 percent stated that they provided new security services to users or customers.
- When asked what security solutions ranked highest on their wishlists, many respondents named tools that would improve their visibility—better log management, security information and event management, security data visualization, security dashboards and the like.
- Respondents generally said that regulatory compliance efforts have had a positive effect on their organization's security programs.
Where are you with your security program?
IPI follows the recommendations of NIST (National Institute of Standards and Technology) for IT Risk Management Analysis. Risk analysis has a defined structure and methodology, and it is followed by a risk mitigation process. Risk mitigation includes a cost-benefit analysis, mitigation options, TCO/ROI, and strategy and approach implementation.