With all the attention given to the increasing sophistication of threats, and the security implications of technology trends such as Virtualization and Cloud Computing, are enterprises ready for tomorrow's security risks? For many, the answer is a resounding no. Many are ill-prepared for dealing with today's most basic issues,let alone what may emerge tomorrow.
For example, in a recent ENTERPRISE MANAGEMENT ASSOCIATES ® (EMA™) survey, nearly half (48%) of 200 global enterprises surveyed indicated that their IT risk management objectives were not adequately implemented or enforced. In this paper, EMA examines the broad domains of controls enterprises must consider in order to build a solid foundation for IT security management:
Countering threats
Resolving vulnerabilities
Managing application risks
Protecting sensitive information
Managing and enforcing identity, access and
entitlements
Managing events and responding to incidents
Stretching the boundaries: Extending to domains such as physical security, and fostering a more secure culture
No comments:
Post a Comment