Managing security and risk requires multifaced procedures, technologies, IT security staff and, of course, a nice budget. For medium-sized businesses, information security managers and CIOs must know how to deal with complex attacks that probe networks and systems and have risk mananagement plans in place.
This special report is a collection of magazine and online articles, a webcast and a podcast that examine security management practices, risk management policies and staffing issues, as well as budgeting strategies to get buy-in from the business side.
[James Connolly, Contributor, CIO Decisions]
Despite the same old budgets and resources, midsized companies have to contend with new and more complex security attacks. Here's how a few are rising to the challenge.
rank and file nervous about inadequate security
IT's rank and file are just as concerned about being used as the company scapegoat in the event of a major security breach as CIOs -- maybe more so. Many believe that when under pressure, the stressed-out CIO will point the finger at them.
management: Think policy first, technology second
Auditor on your tail? Gartner analysts have six hot technologies that'll impress the inspector -- but with one caveat: Have good policies in place before you buy.
This was first published in June 2007