Build A Usable Security Plan  

Resources for Federal Financial Institutions Examination Council (FFIEC)


www.processor.com

Information security teams understandably invest a great deal of their resources in preventive activities, such as firewalls and antivirus software. They also implement intrusion detection systems, log monitoring, and other tools for the detection and diagnosis of security compromises. These are good priorities--as the saying goes, an ounce of prevention is worth a pound of cure. While there is nothing wrong with information security departments that like to use an ounce--or even a pound--of prevention, what if they don’t have an ounce of cure?

“Companies often have the mentality that if something does happen, they’ll be able to deal with it,” says George McBride, director of IT risk consulting with Aon Consulting Worldwide (www.aon.com) in Chicago. “But in the event of a real crisis, people won’t know what to do.”

No amount of protective controls can absolutely guarantee an enterprise will be spared intrusion. All enterprises need to have a response in place and hope it is rarely needed. Curative capabilities can take many forms, including forensic and cleaning tools, but the most important is an SIMP (Security Incident Management Plan).

Copyright © 2007-2008 ComplianceHome.com. A SUPREMUS GROUP venture. All rights reserved.