The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security measures taken in isolation and without reference to a concrete and relevant assessment and evaluation of actual risks are doomed to be inefficient. At best they do not address the real issues facing an organization and simply waste resources, at worst they provide management with inappropriate comfort over the level of security management that is in place. This paper reviews the key points...
The assessment of the adequacy and appropriateness of the security infrastructure in place within an organization poses a significant challenge to those responsible for security management, those responsible for corporate compliance, and senior management who seek a reasonable balance between robust security and ease of use for legitimate users. The process of assessment, validation and improvement...
In this period of grave economic uncertainty, organizations have to manage increasingly complicated situations in an environment that is subject to massive and rapid evolution. A solely intuitive approach to risk management is no longer sufficient when considering the need to optimize investments in relation to security. It is necessary to find the often difficult balance between the cost of risks...
The paper considers and discusses two closely related concepts and process, namely risk management and security management. Practically, there is a tendency to consider risk management as a plenty process capable to protect information assets. Based on the literature and international standards, the paper gives an overview of all the aspects and activities related to both processes. risk management...
According to all security studies recently published, the regulatory compliance appears as one of the most important drivers in security spending, representing the bigger part of security operating costs. Regulatory compliance is very often mentioned to attest an improved performance and accountability in security mechanism and procedures. This paper aims to analyse the contribution of different laws,...
Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order...
An efficient IT security management relies upon the ability to make a good compromise between the cost of security countermeasures to be implemented, and the reality of informational risks an organization have to face. In fact, it concerns the capacity of an IT security manager to make decisions in a dynamic and complex environment. Even a well-experienced manager needs reliable tools to optimize...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.