Course Hero Logo

L5 M1.pdf - ITMS 478/578 Developing Security Programs...

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 8 out of 42 pages.

ITMS 478/578Developing Security ProgramsModule 1: Organizing for Security andSecurity Program ComponentsRay TrygstadInformation Technology and ManagementITMS 478/578 Cyber Security Management2022Slides based on Whitman, M. and Mattord, H., Principles of Information Security; Thomson Course Technology 2003and Whitman, M. and Mattord, H., Management of Information Security 5thEd; Cengage Learning 2016And Whitman, M. and Mattord, H., Management of Information Security 6thEd; Cengage Learning 2018
ITMS 478/578Some PhilosophyWe trained hard...but every time we formedup teams we would be reorganized. I wasto learn that we meet any new situation byreorganizing. And a wonderful method itcan be for creating the illusion of progresswhile producing confusion, inefficiency, anddemoralization.attributed toPETRONIUS ARBITER, 210 B.C.Roman writer and satirist (but not verifiable…)2/4/2022 10:46 AMCyber Security Management
ITMS 478/578Module Learning ObjectivesUpon completion of this module, students should be able to:Recognize and discuss organizational approaches tocybersecurityList and describe functional components of the cybersecurityprogramDetermine how to plan and staff an organization’s cybersecurityprogram based on organization sizeDevelop a cybersecurity program, identifying goals, objectivesand metrics2/4/2022 10:46 AMCyber Security Management
ITMS 478/578IntroductionSome organizations use “security programs” todescribe the entire set of personnel, plans, policies,and initiatives related to cybersecurityCybersecurity program: used here to describethe structure and organization of the effort that containsrisks to the information assets of organization2/4/2022 10:46 AMCyber Security Management
ITMS 478/578Organizing for SecuritySome variables that determine how to structurea cybersecurity program are:Organizational cultureSizeSecurity personnel budgetSecurity capital budget2/4/2022 10:46 AMCyber Security Management
ITMS 478/578Organizing for Security“…as organizations get larger in size, their securitydepartments are not keeping up with the demands ofincreasingly complex organizational infrastructures.Security spending per user and per machine declinesexponentially as organizations grow, leaving mosthandcuffed when it comes to implementing effectivesecurity procedures.”–Andrew Briney and Frank PrinceInformation Security September 20022/4/2022 10:46 AMCyber Security Management
ITMS 478/578Organizing for SecurityAn organization’s size and available resources directlyaffect the size and structure of its cybersecurity effortsLarge, complex organizations may have entire divisionsdedicated to cybersecuritySmaller organizations may have a single securityadministrator or assign responsibilities to staff2/4/2022 10:46 AMCyber Security Management

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 42 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture