Posts

Security Control Frameworks with full details

Image
Security Control Frameworks In formalizing its security governance, an organization might implement a security control framework ; this is a notional construct outlining the organization’s approach to security, including a list of specific security processes, procedures, and solutions used by the organization. The framework is often used by the organization to describe its security efforts, for both internal tracking purposes and for demonstration to external entities such as regulators and auditors. There are a variety of security frameworks currently popular in the industry, each offering benefits and capabilities, usually designed for a certain industry, type of organization, or approach to security. The following list of framework examples is by no means exhaustive or intended to be exclusive; the security practitioner should have a working familiarity with the frameworks on this list, as well as whatever framework is used by their own organization (if any). Some of these framewor...
Post a Comment
Read more

Security manager/security officer/security director roles and respnsibility

  Often, this is the senior security person within an organization. In some cases, the organization has a CSO (mentioned in the preceding entry of this list), in which case the security officer is a member of senior management. When the senior security role is not a member of senior management, the reporting hierarchy is an essential element of determining the importance and influence security has within the organization . For instance, an organization wherein the security manager reports directly to the CEO places a great deal of importance on security; an organization that has the security manager reporting to an administrative director, who in turn reports to a vice president, who reports to senior management, obviously does not. The security manager is typically responsible for advising senior management on security matters, may assist in drafting security policy, manages day-to-day security operations, represents the organization’s security needs in groups and meetings such as...
Post a Comment
Read more

Organizational Processes and their impact to security

Security governance is a process which defines how a decision is made within an organization. This task is accomplished in different ways as per organization culture, management style and other variety of factors. Inn large organizations the task is much more organized and at times can be more complicated as there are multiple levels of decision makers which are required to be involved. IN small private business and or organizations the decision making process may be as simple as one or two person, who at the end of the day make a decision based on consultation or derived from a personal experience of the decision makers. In government or public organizations there is a chartered legislative body or a corporation which makes strategic decision based defined policies, procedures, board of directors etc. Each organization will have its own process for making decision, based on a defined structure, goals, nature of the industry, regulations. Some companies/organizations create a govern...
Post a Comment
Read more

Concepts of (CIA) confidentiality, integrity and availability

Image
  CIA Triad explanation: As a security professional or a trainee you need to know CIA (Confidentiality, integrity and availability) down to its core. We will focus on the three key principles as we will now refer them as CIA triad. In the field of information security , we have assets which can be tangible (something you can touch) for example your organization computers, servers, employees, data etc. and non-tangible (something you cannot touch) for example your reputation, your market share, your share or stock value etc. all of these assets requires security and the first thing as a security practitioner you will do is to utilize the CIA principle to assess what level of security you need to apply as per your business, security and compliance requirements. This is true even for data that is stored in any form, be it electronically or in printed hardcopy. It also applies to any systems, mechanisms, techniques used to process/manipulate/store/transmits that data. For CIA examples...
Post a Comment
Read more

Check Out The Latest Mobile Prices In Pakistan

Image
  Hey there! hope you are doing great. are you looking for latest mobile prices in Pakistan don't worry tech scnz. is here for you. Tech scnz is new startup of Hazara University students in Pakistan.  The main idea of tech scnz is to give you correct and authentic information about technology updates in Pakistan. Tech scnz provide you the latest news about the technology in Pakistan. What is TechScnz.pk Tech scnz.is Digital Marketing , Social Media Marketing, Web Development/Design, Tech Support full-service Agency in Pakistan. We are the team of Digital Marketing Experts who catch those pure gold ideas and transform them into a competitive Brand in their own Industry. we work together to ensure you see the best results across all niche and campaigns. on techcsnz.pk you can see the latest news updates about technology, 5G, IOT, computer, cyber security, Amazon etc. Here you can also check the latest prices of new and old mobiles phones in Pakistani rupees and US dollars,...
Post a Comment
Location: Pakistan
Read more