About Blackbird

Blackbird’s Security Philosophy: Features of a High-Quality Security Program

1. Reflects Commitment and Involvement on the Part of Upper Management
2. Recognizes that Security Events May Occur and Plans for These Events
3. Is Based on Informed Decision-Making
4. Is Tailored to Meet the Organization’s Unique Requirements
5. Goes Beyond Information System Security
6. Utilizes Security in Depth
7. Views Security as an Ongoing Effort
8. Enlists the Support of External Security Experts

7. Views Security as an Ongoing Effort

The risks to organizational resources are continually evolving. Your organization’s unique risk profile changes regularly as a result of things like network reconfigurations, software implementations and upgrades, system administration changes, mergers and acquisitions, policy and procedure changes, and employee turnover.

Protective devices and protocols are designed to defend against known and anticipated threats. It is not safe to assume that they’ll give you protection against emergent threats.

Consequently, staying on top of your vulnerabilities must be an ongoing effort. Your security plan should allow for periodic reviews and updates of your security measures to ensure that:

• Newly implemented resources and unauthorized employee activities haven’t added unidentified areas of vulnerability.
• Your organization is protected against emerging threats.

Other ongoing security activities that should be incorporated into your plan include educating new hires about security, boosting waning attentiveness to security concerns, and addressing changing organizational security requirements.

If you stay abreast of this issue, it need not become a drain on the company’s resources. If you don’t, you’ll see a rapidly diminishing return on the security resources that you’ve expended to date.