Benchmarking-information security, Computer Network Security

Assignment Help:

Benchmarking

An alternative approach to risk management is Benchmarking. It is process of seeking out and studying practices in other organizations which one’s own organization desires to duplicate. One of three measures characteristically used to compare practices:

a) Metrics based measures

b) Process based measures

Metrics based measures are comparisons which are based on numerical standards, such as

-  The numbers of successful attacks
-  Staff hours which are spent on systems protection
-  The dollars which are spent on protection
- Numbers spent on protection
-  Estimated value in dollars of information lost in successful attacks
- Lose in productivity hours associated with the successful attacks

Process-based measures are less focused on numbers and more strategic than Metrics based measures. It enables organization to examine activities an individual company performs in pursuit of its goals instead of the specific of how goals are attained. There are several legal reasons. They are:

Standard of due care: when adopting levels of security for the legal defense, organization shows it has done what any prudent organization would do in same circumstances.

Due diligence: demonstration that organization is diligent in ensuring which implemented standards continue to provide needed level of protection. Failure to support standard of care or diligence can leave organization open to legal liability.

Best business practices: security efforts which provide a superior level protection of information.

While considering best practices for adoption in an organization, consider:

•    Does organization resembles identified target with best practice?

•    Are resources at hand similar?

•    Is organization in a alike threat environment?


Related Discussions:- Benchmarking-information security

Social studies, how would land elevation have canged if coronado had travel...

how would land elevation have canged if coronado had traveled 150 miles due west from what is today arizona instead of west toward new mexico

Asymmetric encryption-cryptography, Asymmetric Encryption Asymmetric encr...

Asymmetric Encryption Asymmetric encryption method makes use of two different but related keys and either key can be used to encrypt or decrypt the message. This method is freque

Issue specific security policy, Why an organization need the issue specific...

Why an organization need the issue specific security policy

Produce a pcap file from a wireshark capture, Question requires you to prod...

Question requires you to produce a pcap file from a Wireshark capture.  In addition, you must include a screen capture of Wireshark and some specific information regarding the fram

Compare and contrast data encryption standard, Problem (a) Using Vigen...

Problem (a) Using Vigenère cipher and given the key abc, find the ciphertext for the message: simplicity Only the 26 lower-case alphabetical characters are used in messa

Describe the terms prime number and prime factorisation, (a) An opponent is...

(a) An opponent is using RSA with the public key {e=53, n=77}. You intercept the ciphertext C=10. (All values on this problem, including the ciphertext and the cleartext, are nume

Calculate the minimum required signal strength, Question 1: (a) (i) Ra...

Question 1: (a) (i) Radio waves are subject to several propagation problems. Name any three of them. (ii) A Wi-Fi receiver requires a signal power of 50mW to operate correc

Difference between a class profile and a child profile sheet, QUESTION ...

QUESTION (a) Mention two attitudes of a carer towards an inspector that could lead to negative outcomes (b) Give two performance indicators of Early Childhood Education that

Network design approach, Problem a) Give three reasons why traditional ...

Problem a) Give three reasons why traditional Network Design approach is less appropriate for many of today's networks? b) The network requires of users are organized into m

Mention most relevant clause of iso 27001:2005, QUESTION (In this ques...

QUESTION (In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards) For each of the situations below, comment on the following: 1. Mention

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd