The principles of security management

In case you lost track of what happened to Symantec, chip manufacturer Broadcom bought the company, minus its Norton Life lock customer business, then sold to Accenture the controlled cyber security business. The purchase puts Accenture into a position of influence in the increasingly rising industry. As part of its dedication to investing in and innovating innovative threat intelligence and cybersecurity technologies, in addition to the Symantec contract, Accenture has also acquired other competitors. Security roles and responsibilities are often not clearly defined, so it’s difficult to understand where a security project begins and an IT project ends, or vice versa, as security affects every aspect of an organization. As a consequence, in order to define the project concept and scope, it is important that project management fundamentals be used on security programs (Humphreys, 2008).

A.    The principles of security management

i.               People

People is probably the most important aspect of the chord that, as you think of information security, springs to mind most automatically. Data is private if this can only be done for the individuals who are allowed to access it; you need to be able to distinguish who is attempting to access data and block attempts by those without permission to maintain secrecy. All the methods intended to ensure secrecy are passwords keys, encryption, authentication, and protection against intrusion attacks. Integrity involves preserving data in the right state, either by mistake or maliciously, and stopping it from being illegally updated. After all, all of the strategies that guarantee secrecy can also ensure data integrity, a hacker will not alter data that they cannot reach, but there are other resources to can include a comprehensive checksum integrity protection will can you verify data integrity and software for version control and regular backups will help you recover data if necessary. Availability mirrors confidentiality in that while you need to make sure that the information cannot be obtained by unauthorized users, you also need to make sure that people with the right credentials can access it. Ensuring storage availability requires balancing the amount of data access you expect from the network and processing facilities and enforcing a good backup strategy for disaster recovery purposes.

ii.              Process

The field of process focuses on the elements of information technology delivery. It includes areas such as the deployment and outcomes of applications within the IT system, as well as support mechanisms that enable these IT systems to be applied successfully and efficiently. Security problems and preparation are part of these support systems. The realm of monitoring and assessment deals with the policy of an organization to determine the company’s needs and whether or not the new IT structure still satisfies the targets with which it was built and the safeguards needed to conform with regulatory requirements. Monitoring also includes the question of an impartial evaluation by internal and external auditors of the performance of the IT system and its capacity to achieve corporate goals and the company’s control processes (Harnesk & Lindström, 2011).

iii.            Technology

The scope of technology covers the application of information & technology and how well it can be used in an enterprise to better accomplish the aims and goals of the corporation. It also stresses the IT operational and infrastructural form to be taken in order to produce the best outcomes and to produce the most value from the use of IT. The scope Acquire and Implement requires the recognition of IT parameters, the acquisition and application of the technologies within the existing business processes of the organization. In order to increase the life of an IT system and its elements, this domain also discusses the creation of a maintenance schedule that an organization can follow.

B.    The role of project management with respect to implementing security management.

The role of project management includes defending the company from data theft and malware threats which was actually a whole lot smoother in the earlier years of cybersecurity as compared to today. Companies are struggling nowadays to keep up with the never-ending number of security threats, malware, cyber-attacks and insider theft. This also suggests that defense measures need to keep up with the growing complexities within the cybersecurity domain.

C.    Plan to instill a secure mentality into an organization.

Instilling a secure mentality into an organization includes continuous grooming of the security culture of a company.  You must engage in a culture of security. A healthy culture of security is broader than just a single instance. If a safety culture is enduring, it converts security from a one-time occurrence into a lifecycle that forever produces security returns. There are four distinguishing characteristics of a healthy defense community. Firstly, it is intentional and disruptive. The primary objective of a security culture is to promote change and better security, so the organization must be disruptive and deliberate with a set of actions to promote change. Second, it’s engaging and enjoyable. People want to engage in a culture of security that is exciting and a challenge.

Looking to get Essay writing help for this assignment? Get custom essay for 15% OFF using coupon code “NEW15” or Buy Used Solution for same paper for less!