Security threats: You cant manage what you cant see

The downside of this deterministic or signature-based approach is that it is increasingly difficult to track, let alone manage the volumes of alerts coming daily from multiple sources. Corporate governance, however, demands that these alerts are managed using formal and auditable IT risk management processes with timely and meaningful security outcomes.

The corollary being that in an increasingly complex and networked world the risks to the enterprise have become increasingly debilitating and while the fundamentals of managing these risks have changed little. IT Observer | You canít manage what you canít see!

Linked by shanmuga Thursday, 5th January 2006 10:00PM