Security level management

Security Level Management (SLM) comprises a quality assurance system for electronic information security. The aim of SLM is to display the IT security status transparently across a company at any time, and to make IT security a measurable quantity. Transparency and measurability form the prerequisites for making IT security proactively monitorable, so that it can be improved continuously.

SLM is oriented towards the phases of the Deming Cycle/Plan-Do-Check-Act (PDCA) Cycle: within the scope of SLM, abstract security policies or compliance guidelines at a company are transposed into operative, measurable specifications for the IT security infrastructure. The operative aims form the security level to be reached. The security level is checked permanently against the current performance of the security systems (malware scanner, patch systems, etc.). Deviations can be recognised early on and adjustments made to the security system.

SLM falls under the range of duties of the Chief Security Officer (CSO), the Chief Information Officer (CIO) or the Chief Information Security Officer (CISO), who report directly to the Executive Board on IT security and data availability.

Classification

SLM is related to the disciplines of Security Information Management (SIM) and Security Event Management (SEM), together known as SIEM, which the analysts Gartner summarise in their Magic Quadrant for Security Information and Event Management and define as follows: "[…] SIM provides reporting and analysis of data primarily from host systems and applications, and secondarily from security devices — to support security policy compliance management, internal threat management and regulatory compliance initiatives. SIM supports the monitoring and incident management activities of the IT security organization […]. SEM improves security incident response capabilities. SEM processes near-real-time data from security devices, network devices and systems to provide real-time event management for security operations. […]"

SIM and SEM relate to the infrastructure for realising superordinate security aims, but are not descriptive of a strategic management system with aims, measures, revisions and actions to be derived from this. SLM unites the requisite steps for realising a measurable, functioning IT security structure in a management control cycle.

SLM can be categorised under the strategic panoply of IT governance, which, via suitable organisation structures and processes, ensures that IT supports corporate strategy and objectives. SLM allows CSOs, CIOs and CISOs to prove that SLM is contributing towards protecting electronic data relevant to processes adequately, and therefore makes a contribution in part to IT governance.

The Steps towards SLM

Defining the Security Level (Plan): Each company specifies security policies. The executive management defines aims in relation to the integrity, confidentiality, availability and authority of classified data. In order to be able to verify compliance with these specifications, concrete aims for the individual security systems at the company need to be derived from the abstract security policies. A security level consists of a collection of measurable limiting and threshold values.

Example: operative aims like "the anti-virus systems at our UK sites need to be up-to-date no longer than four hours after publication of the current definition" need to be derived from superordinate security policies like "our employees should be able to work without being interrupted."

Limiting and threshold values are to be specified separately and individually for different sites, locations and countries, because the IT infrastructure on-site and any other local determining factors need to be taken into consideration.

Example: office buildings in the UK are normally equipped with high-speed dedicated lines. It is wholly realistic here to limit the deadline for supplying all computers with the newest anti-virus definitions to a few hours. For a factory in Asia, with a slow modem link to the web, a realistic limiting value would have to be set somewhat higher.

The IT control manual Control Objectives for Information and Related Technology (COBIT) provides companies with instructions on transposing superordinate, abstract aims into measurable aims in a few steps.

Collecting and Analysing Data (Do): Information on the current status of the systems can be gleaned from the log files and status reports provided by individual anti-virus, anti-spyware or anti-spam consoles. Monitoring and reporting solutions that analyse software applications from all software houses can simplify and accelerate data collection.

Checking the Security Level (Check): SLM prescribes continual reconciliation of the defined security level with the current measured values. Automated real-time reconciliation supplies companies with a permanent status report on the security status across all locations.

Adjusting the Security Structure (Act): Efficient SLM allows trend analyses and long-term comparative assessments to be made. Through the rolling observation of the security level, weak spots in the network can be identified early on and appropriate adjustments made proactively in the security systems.
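The four PDCA steps above, carried through on constructed data as an added example (not code from the original article or from any SLM product): the Plan step is a dictionary of site-specific limiting values, the Do step is a few constructed anti-virus console status lines, and the Check step reconciles each host's definition lag with its site's limit and reports deviations plus a per-site compliance ratio. The 4 h UK limit is the article's own example; the 24 h limit for the modem-linked factory, the site names and the definition version scheme are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Plan: the security level as site-specific limiting values for the lag between
# publication of an anti-virus definition and its rollout. The 4 h UK value is
# the article's example; the 24 h value for a modem-linked factory is assumed.
SECURITY_LEVEL = {"UK-London": timedelta(hours=4), "ASIA-Factory": timedelta(hours=24)}

# Do: constructed sample data, not real vendor output. Publication times of
# definition versions, and console status lines of the form
# "<report time> <site> <host> defs=<installed version>".
PUBLISHED = {
    "2010.02.28.3": datetime(2010, 2, 28, 12, 0),
    "2010.03.01.1": datetime(2010, 3, 1, 2, 0),
    "2010.03.01.2": datetime(2010, 3, 1, 8, 0),
}
STATUS_REPORT = """\
2010-03-01T10:30:00 UK-London ws-0012 defs=2010.03.01.2
2010-03-01T13:00:00 UK-London ws-0013 defs=2010.03.01.1
2010-03-01T13:05:00 ASIA-Factory plc-07 defs=2010.02.28.3
2010-03-02T09:00:00 ASIA-Factory plc-08 defs=2010.02.28.3
"""

@dataclass(frozen=True)
class Deviation:
    site: str
    host: str
    lag: timedelta    # how long the host has been behind the newest definition
    limit: timedelta  # the site's limiting value that was exceeded

def newest_published_by(when):
    """Newest definition version the vendor had published at time `when`."""
    return max((v for v, t in PUBLISHED.items() if t <= when), key=PUBLISHED.get)

def check_security_level(report, level):
    """Check: reconcile each host's definition lag with its site's limiting value.
    Returns (deviations, per-site compliance ratio) as measurable quantities."""
    deviations, seen, ok = [], {}, {}
    for line in report.splitlines():
        ts, site, host, defs = line.split()
        reported = datetime.fromisoformat(ts)
        newest = newest_published_by(reported)
        # A host on the newest version has no lag; otherwise it has been behind
        # since that version was published.
        lag = timedelta(0) if defs.split("=", 1)[1] == newest else reported - PUBLISHED[newest]
        seen[site] = seen.get(site, 0) + 1
        if lag > level[site]:
            deviations.append(Deviation(site, host, lag, level[site]))
        else:
            ok[site] = ok.get(site, 0) + 1
    return deviations, {s: ok.get(s, 0) / n for s, n in seen.items()}
```

Note that plc-07 is as far behind as ws-0013 (just over five hours) but is within its site's limit, which is exactly the per-site differentiation the article asks for; the deviations list is the input to the Act step, and the compliance ratios are what a trend analysis would track over time.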

See also

Besides defining the specifications for engineering, introducing, operating, monitoring, maintaining and improving a documented information security management system, also defines the specifications for implementing suitable security mechanisms.

The IT Infrastructure Library (ITIL), a collection of best practices for IT control processes, goes far beyond IT security. In relation to IT security, it supplies criteria for how Security Officers can conceive IT security as an independent, qualitatively measurable service and integrate it into the universe of business-process-oriented IT processes. ITIL also works from the top down with policies, processes, procedures and job-related instructions, and assumes that both superordinate and operative aims need to be planned, implemented, controlled, evaluated and adjusted.

External links

*COBIT:
* [http://www.isaca.de/ Summary and material from the German Chapter of the ISACA - German]
* [http://www.isaca.at/Ressourcen/CobiT 4.0 Deutsch.pdf Cobit 4.0 - German]

*ISO/IEC 27000
* [http://www.27000.org/ The ISO 27000 Directory]
* [http://www.iso.org/ International Organization for Standardization]

*ITIL
* [http://www.bsi.de/literat/studien/ITinf/itil.pdf "ITIL and Information Security" (ITIL und Informationssicherheit), Federal Office for Information Security (BSI), Germany - German]
* [http://www.securityfocus.com/infocus/1815 "How ITIL can improve Information Security", securityfocus.com – English]
* [http://www.ogc.gov.uk/guidance_itil.asp Official ITIL website of the British Office of Government Commerce - English]


Wikimedia Foundation. 2010.