Firms in the dark about the risks from hackers
IT IS often said - and quite rightly - that IT security is at least as much about acquiring the right culture or mindset as it is about implementing this or that technology. There are so many layers to security, from basic things, such as the way people behave, to complex technical aspects such as implementing firewall rules, or knowing how to respond to alerts from intrusion detection logs. Getting all the pieces in place and keeping them in order is something that takes both vigilance and skill. Get it wrong and your whole business could be at risk.
Rory Innes, marketing manager at Edinburgh-based security consultancy DNS, says organisations tend to do best on IT security when they deliberately set out to forge a clear policy. "There is an ISO standard, ISO 27001, that focuses on IT security and is a great starting point for any organisation," he says.
Innes points out that a number of Scotland's public sector organisations in the last few years have adopted ISO 27001 and have benefited greatly as a result. Now the practice is spreading to private sector companies as well.
Practical Threat Analysis for ISO 27001
Dear colleagues,
I would like to inform you that in September 2007 we released an updated version of PTA Professional Edition (1.54 - build 1201) with major usability improvements.
PTA – Practical Threat Analysis - is a quantitative method and a software tool that enables you to model the security perimeter of your business, identify threats on an asset-by-asset basis and evaluate the overall risk to the system. The risk level, potential damage and countermeasures required are all presented in real financial values. PTA calculates the level of risk and the available mitigation. It advises on the most cost-effective way to mitigate threats and reduce the risk.
PTA is free-of-charge for students, researchers, software developers and independent security consultants. You are invited to review the latest version's new features and download a free copy of the software from the following link:
http://www.ptatechnologies.com
PTA fully supports the ISO 27001 standard. Download a free PTA for ISO 27001 security library from the following URL:
http://www.ptatechnologies.com/?action=documents
Feel free to introduce PTA to your professional colleagues - it is our contribution to the security community. I'll be happy to have your comments and answer your questions on any issue.
Regards,
Zeev Solomonik
R&D - PTA Technologies
http://www.ptatechnologies.com
zeev_at_ptatechnologies_dot_com