Ken,

I most certainly agree that an organization of more than a few hundred users
needs to have someone on staff as the full time "security officer."  It
hasn't always been this way, but clearly the business world has warmed up to
the info sec function over the past few years.

As per your question, while I don't currently have that specific
responsibility, I have been in that position in the real world twice before
prior to joining PentaSafe (NetIQ)... first as Supervisor of System Security
and QA at a 1,500 user bank in South Florida - main duties were AS/400
system and application security; and second as Director of Information
Security at a 6,000+ user credit card servicing organization in South
Florida.  There I had a staff of 15 - 13 for information security
administration, analysis, and compliance (3 of which were for AS/400 only)
and 2 for business recovery planning & testing.

Of course, that was in the financial industry under the auspices of the
FDIC, OTS, etc., but with the introduction of the HIPAA laws for the health
care industry along with ISO 17799 (based on the European BS 7799 standard)
among others that are beginning to permeate those industries that have
traditionally been without specific IT security standards and laws, the
dedicated security position is becoming ubiquitous.

Best regards,

Steven W. Martinson, CISSP 
NetIQ Corporation 
Senior Technical Support Engineer I 
(Formerly Pentasafe Security Technologies, Inc.) 
Look for more details on our website: http://www.netiq.com/ 

NetIQ Essential Care - Support: 503.223.3023
Fax: 1.713.548.1771
or send email to:  VigilEnt-Support@xxxxxxxxx

<subject: Re: Security questions

Hello everyone..
        One thing I've been able to conclude, from all the rhetoric on this
subject, and perhaps a conclusion, is that 
        an organization almost needs a full time individual on staff looking
after computer security.
        Again, I imagine, it would all depend on the complexity of the
operation.
        
        Are there any people on this mailing list who have that specific
responsibility?...just curious..
Thanks

Ken Shields>

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.