Cover Image
市場調查報告書

情報安全策略的策畫

Build an Information Security Strategy

出版商 Info-Tech Research Group 商品編碼 603326
出版日期 內容資訊 英文 97 Pages
商品交期: 最快1-2個工作天內
價格
Back to Top
情報安全策略的策畫 Build an Information Security Strategy
出版日期: 2017年09月18日 內容資訊: 英文 97 Pages
簡介

因組織與IT的變更、駭客等各種問題而忙碌的情報安全部門負責人、將要想出兼顧費用與效果的方法、策劃面對系統風險的方案是非常困難的課題。

應對情報安全相關組織、保持可隨時調整的彈性、維持重要系統與數據的機密、確保安全、可用性等企業意向與義務、現在與未來方案的可能性、預算及人員資源限制等評價用的綜合方法。

另外、也必須意識到有效的防禦機能對情報安全策略設計、實施、維持、傳達的可擴大與重複方法必要性。

本報告可支援以下IT安全部門負責人:

  • 掌握目前安全對策的能力與實績。
  • 掌握情報安全部門的義務、範圍、境界、責任。
  • 確定組織狀況、達成情報安全對策目標。
  • 策畫可達成情報安全對策目標的策略與藍圖。
目錄
Product Code: 74131

Are you prepared to manage ever-increasing security pressures?

Organizational and IT changes, hackers, and much more present information security leaders with what sometimes seems like an insurmountable challenge: how to manage the risks their systems face in a cost-effective manner.

A comprehensive approach that assesses the organization expectations and obligations for the confidentiality, integrity, and availability of critical systems and data; current and future program capabilities; and budget and human resource constraints is needed to ensure that expectations can be met - or re-aligned, where necessary.

This action underscores the need for a scalable and iterative approach to designing, executing, maintaining, and communicating an effective and defensible information security strategy.

The blueprint will help IT security leaders:

  • Understand current security practice capabilities and performance
  • Understand your security obligations, scope, boundaries, and responsibilities
  • Establish a security target state based on your organizational context
  • Develop a strategy and roadmap to help you achieve your security target state

Executive Summary

Situation:

Technology sophistication and business adoption, the proliferation of hacking techniques, and the expansion of hacking motivations from financial to now social, political, or strategic motivations have resulted in organizations facing major security risk. Every organization needs some kind of information security program to protect its systems and assets.

Complication:

Performing an accurate assessment of your current security operations and maturity levels can be extremely difficult when you don't know what to assess or how, along with the fact that an assessment alone is only the starting point. Senior management wants to know that adequate targets have been determined and there is a robust plan for how they are going to be met.

Resolution:

Info-Tech has developed and tested a robust information security framework with supporting methodologies to generate your organization's comprehensive, highly actionable, and measurable security strategy and roadmap.

  • Robust security requirements gathering across the organization, key stakeholders, customers, regulators, and other parties ensure the security strategy is built in alignment with and supportive of enterprise and IT strategies and plans.
  • Info-Tech's best-of-breed security framework combines COBIT 5, ISO 27000 series, NIST SP 800-53, and CIS critical security controls to ensure all areas of security are considered, covered, and reported upon.
  • A comprehensive current state assessment, gap analysis, and initiative generation ensures nothing is left off the table.
  • Tested and proven rationalization and prioritization methodologies ensure the strategy you generate is not only the one the organization needs, but also the one the organization will support.
Back to Top