Saturday, May 10, 2008

security post #02: management errors

the following SANS survey was conducted among 1850 security experts and managers in 1999. that was a long time ago, but i believe not that much has changed since then ;)

the 7 top management errors that lead to computer security vulnerabilities

Number Seven: Pretend the problem will go away if they ignore it.
Number Six: Authorize reactive, short-term fixes so problems re-emerge rapidly.
Number Five: Fail to realize how much money their information and organizational reputations are worth.
Number Four: Rely primarily on a firewall.
Number Three: Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.
Number Two: Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
Number One: Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.


