Benchmarking-information security, Computer Network Security

Assignment Help:

Benchmarking

An alternative approach to risk management is Benchmarking. It is process of seeking out and studying practices in other organizations which one’s own organization desires to duplicate. One of three measures characteristically used to compare practices:

a) Metrics based measures

b) Process based measures

Metrics based measures are comparisons which are based on numerical standards, such as

-  The numbers of successful attacks
-  Staff hours which are spent on systems protection
-  The dollars which are spent on protection
- Numbers spent on protection
-  Estimated value in dollars of information lost in successful attacks
- Lose in productivity hours associated with the successful attacks

Process-based measures are less focused on numbers and more strategic than Metrics based measures. It enables organization to examine activities an individual company performs in pursuit of its goals instead of the specific of how goals are attained. There are several legal reasons. They are:

Standard of due care: when adopting levels of security for the legal defense, organization shows it has done what any prudent organization would do in same circumstances.

Due diligence: demonstration that organization is diligent in ensuring which implemented standards continue to provide needed level of protection. Failure to support standard of care or diligence can leave organization open to legal liability.

Best business practices: security efforts which provide a superior level protection of information.

While considering best practices for adoption in an organization, consider:

•    Does organization resembles identified target with best practice?

•    Are resources at hand similar?

•    Is organization in a alike threat environment?


Related Discussions:- Benchmarking-information security

What is the role of an intrusion detection system, Problem: (a) What i...

Problem: (a) What is a firewall and which are its most important tasks? (b) What is the difference between default deny and default permit? Which advantages and disadvanta

Network security in an organisation, Network security is an issue for compa...

Network security is an issue for companies regardless of whether they participate in electronic commerce; however, since most organizations have a Web site that allows some interac

Different architectures for wireless networks, (a) What are the different a...

(a) What are the different architectures for wireless networks? (b) Explain how WEP authentication and encryption works, describe the vulnerability. (c) In what ways are secu

Wireless networks, Wireless Networks The origin of wireless networks a...

Wireless Networks The origin of wireless networks and their ubiquity in the technological environment poses a new type of exposure and vulnerability for network security. Cont

Threat identification-risk management, Threat Identification After ident...

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Explain the term virtual private network, Question: (a) Besides privac...

Question: (a) Besides privacy, what other security functions does Pretty Good Privacy (PGP) provides? (b) What is the Post Office Protocol (POP) used for? Why is it impo

Use the chinese remainder theorem to evaluate x, Use the Chinese remainder ...

Use the Chinese remainder theorem to evaluate x from the following simultaneous congruences: x ≡ 1 (mod 2); x ≡ 2 (mod 3); x ≡ 3 (mod 5). Calculate gcd(14526, 2568). (

Attacks on wireless network, Q. Attacks on wireless network WSN are vul...

Q. Attacks on wireless network WSN are vulnerable to attacks which compromise the integrity of the WSN nodes by decreasing the nodes' fault tolerance capabilities, data distrib

Explain the approaches to lric modeling, (a) Cost allocation mechanisms ar...

(a) Cost allocation mechanisms are important when it comes to establishing other aspects of inter-firm compensations and how these are transferred to the users. There are two pri

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd