Why Choose Blackbird?
Team
Philosophy
Clients
Commitment
 
 
BLACKBIRD’S SECURITY PHILOSOPHY : Features of High-Quality Security Programs
 
1. Reflects Commitment and Involvement on the Part of Upper Management
2. Is Based on Informed Decision-Making
3. Is Tailored to Meet the Organization’s Unique Requirements
4. Goes Beyond Information System Security
5. Utilizes Security in Depth
6. Views Security as an Ongoing Effort
7. Recognizes That Security Events May Occur, and Plans for These Events
8. Enlists the Support of External Security Experts
 
6. Views Security as an Ongoing Effort
The risks to organizational resources are continually evolving.

Your organization’s unique risk profile changes regularly as a result of things like network reconfigurations, software implementations and upgrades, system administration changes, mergers and acquisitions, policy and procedure changes, and employee turnover.

The threats facing your organization change regularly too. Although actual threat emergence is difficult to quantify, the CERT Coordination Center’s advisory postings provide a useful illustration of threat emergence trends. CERT posts advisories for threats that it deems critical, with a capacity for widespread impact. Advisory postings increased by 29% from 1999 to 2000, and by 68% from 2000 to 2001.

Protective devices and protocols are designed to defend against known and anticipated threats. It is not safe to assume that they’ll afford you protection against emergent threats.

Consequently, staying on top of your vulnerabilities must be an ongoing effort. Your security plan should allow for periodic reviews and updates of your security measures to ensure that:
Newly implemented resources and unauthorized employee activities haven’t added unidentified areas of vulnerability.
Your organization is protected against emerging threats.

Other ongoing security activities that should be incorporated into your plan include educating new-hires about security, boosting waning attentiveness to security concerns, and addressing changing organizational security requirements.

If you stay abreast of this issue, it need not become a resource hog. If you don’t, you’ll see a rapidly diminishing return on the security resources that you’ve expended to date.