SecureTheVillage

Basic IT Security Management Practices

Source: SecureTheVillage

Author: SecureTheVillage

Focus Areas: Information Security Management / MSSP, Security Management of IT Network

Intended for: CIOs, CTOs, IT Directors, CISOs, Information Security Managers, Executives

SecureTheVillage’s Guide to Basic IT Information Security Management Practices supports our mission of a CyberSecure Los Angeles.

The Guide to Basics is designed to meet one of the most pervasive challenges we face in securing our organizations’ sensitive and critical information: The often wide gap — the all too frequent language barrier — between an IT organization and the executive to whom the IT function reports. Too often this gap results in basic information security management security practices not being followed. The result is increased vulnerability to cybercrime and other kinds of cyber-risk.

The Guide describes those basic few that are most necessary in preventing cybercrime and other cyber incidents. It’s designed to provide the greatest gain for the buck in protecting the IT network. It’s also designed so that if you leave anything out, your cyber risk goes up significantly. Think of the Guide as the 20% of expenditures that gives you 80% of the value.

Notwithstanding that the Guide is based upon information security management best practices, the Guide is not intended as a set of best practices. The Guide is a set of basic IT security management practices. These critical practices are so essential that a failure to implement them puts the organization at significant risk of a costly — often fatal — information security incident. Not following the Basic Guide is the equivalent of drinking and driving.

SecureTheVillage is providing the Basic Guide to the community as a public service.

  • We encourage IT organizations to review the Guide and implement those parts of the Guide that they may not yet be following.
  • We encourage executives who manage the IT management function to expect their IT organization (whether internal or outsourced) to meet the Guide .
  • And we encourage everyone who might find the Guide useful or valuable — especially IT vendors and MSPs — to join with us. Our community is under cyber attack. We need to educate and train our ‘village,’ not just in the Guide but in all the other things that people must know to adapt to this new cyber-reality. We need your assistance and support. Help spread the word to your staff, your customers and clients, your vendors, your Board. Join the village.

Last edited: October 1, 2017

Visit Resource

Related Resources

Reasonable Security 2022 What Every Business Leader Needs – A Reasonable Approach to Reasonable Security Information Risk Management – The Rosetta Stone of Cybersecurity with Stan Stahl, PhD

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge

SUPPORT US

SecureTheVillage is a community-based response to the cybersecurity and privacy crisis. We are a 501c(3) nonprofit with a vision of a cybersecure global village. We invite you to join with us as together we make the vision a reality. It takes the village.

Be a CyberPartnerDonate