Home > IT security Management > Information assurance is a process that begins with strategy

Information assurance is a process that begins with strategy

August 16th, 2008
Goto comments Leave a comment

Security is a complex matter, balancing many competing interests. Each organization has different requirements and preferences for how it operates, as well as different levels of expertise and capability with its internal staff. Interhack’s Information Assurance practice complements whatever in-house expertise the client has to ensure that security is addressed strategically as well as tactically. Our deep technical expertise includes networks, software, operating systems, cryptography, and large-scale architectures.

Information assurance is a process that begins with strategy, a high-level definition of risk tolerance and expected rewards. At one extreme are start-up companies: they focus on growing to meet specific objectives for revenue or size and will typically shut down if the plan doesn’t work out. At the other extreme are companies that have been around a long time: they also want to make money but are able to be more patient about doing it and place more importance on being in business five years from now than growing by some margin. The start-ups are inherently high-risk and will therefore tolerate more risk in their information management practices. Companies that have a high need to continue longevity will put more emphasis on mitigating risk to protect their brands and operations. Adding to this mix is the maturity of the industry and the impact of regulation on security requirements.

Even the best strategy in the world is ultimately useless if the tools and techniques aren’t up to the task. Hence, Interhack’s Information Assurance practice includes a wide range of services that will also help to ensure that networks, computers, communications devices, and software are all doing what they should be doing in order to support the organization’s security strategy.

No two companies are identical. Even within an industry, competitors differentiate themselves in part by how they address risk. It makes no more sense for an organization to adopt a downloadable security strategy than a cookie cutter business plan.

Source Interhack 



Computer security IT security Management , , ,

  1. No comments yet.
  1. No trackbacks yet.