Table of Contents
Executive summary
- In a nutshell
- Key messages
- Risk management provides a framework for optimising decisions
- Prioritise
- There is no easy way to balance the security budget
- Look for cheaper ways of delivering security
- Security budgets must be contained
- Putting a lid on security spending
- Getting the balance right
- Business needs
- Threats
- Available resources
- Price levels
- Risk management frameworks
- The nature of risk
- Security and systems management frameworks
- ISO 17799 and ISO 27001
- COBIT
- ITGI
- The SANS Institute's recommendations
- A comprehensive structure
- The SANS list of security controls
- Balancing musts, needs, wants and resources
- The balance
- The threats are growing
- The criminal community
- The internal threat
- Threats relating to new technology
- The range of security products keeps growing
- Don't spend tomorrow's money solving yesterday's problems
- Risk management is an ongoing process
- Risk management enables you to minimise overlaps
- Managing the risk/reward equation
- The role of risk analysis
- Optimising the risk/reward equation
- Assessing the risk/reward for new business initiatives
- Reducing the cost of IT security provision
- Alternatives to spending on security
- Reducing risk
- Rationalisation
- Open-source products
- Rationalise suppliers
- Use or negotiate innovative licensing
- Use managed services
- Streamline and automate processes
List of Tables
- Table 1: Recommended security controls