By John Kyriazoglou
The following methods and techniques may
be utilized for the analysis, design, implementation, assessment and evaluation
of the cyber threat strategy and measures required to protect any type of
organization.
1. Corporate Physical security: Guards,
dogs, locks, cameras, video surveillance, etc.
2. Corporate administrative procedures:
corporate governance policies and procedures like ethics program, risk
management approach and procedure, personnel review and due diligence,
segregation of duties, business data management files and data procedures, etc.
3. IT policies and procedures:
passwords, access controls, hardware security, data validation rules within
application software, back up procedures, offsite data retention capabilities,
etc.
4. Corporate recovery mechanisms:
business continuity policy, IT recovery process, backup procedures, offsite
storage and testing procedures, etc.
5. Security trapping mechanisms: honey
net and other trapping facilities, special security trapping and diversion
tools and techniques, etc.
6. Business intelligence function.
7. Corporate anti-espionage techniques.
(2) Printed Book: Business Management Controls: Toolkit, www.itgovernance.co.uk.
(3) Printed Book: ‘Corporate Strategic and Operational Controls’
Direct Link: http://www.theiic.org/publicationsbookstore/bookstore2.html
(4) Printed Book: 'IT Strategic & Operational Controls’
Direct Link: www.itgovernance.co.uk/products/3066
(5) E-Book: ‘Implementing Management Controls for Small and Medium-Size Companies’
Direct Link: http://www.amazon.com/dp/B007Z1WTOM
(6) E-Book: ‘Auditing and Improving Business Performance’
Direct Link: http://www.amazon.com/dp/B0088I8IVY
(7) Free E-Book: IT-Business Alignment (2 Parts)
http://bookboon.com/en/business-ebooks/it/it-business-alignment-part-i
http://bookboon.com/en/business-ebooks/it/it-business-alignment-part-ii
