(PRWEB) October 6, 2004
Information security breaches continue to impact all organizations despite the sterling efforts of IT professionals to improve information security. The best practice incident management process promoted in NoticeBoredÂs information security awareness kit for October therefore incorporates a learning loop for continuous improvement.
Through a coherent suite of security awareness materials, OctoberÂs NoticeBored kit presents advice on how to recognize, report, investigate, resolve and finally learn the lessons from security incidents.
Plain speaking presentation slides, leaflets, posters, screensavers, case study and desk-drop leaflets in the kit outline the concepts and motivate employees to play their part. ÂCall the Help Desk promptly to report incidentsÂ is one simple take home message for end-users, along with ÂDonÂt panic!Â ... written in large friendly letters.
IT workers are advised to ÂLeave IT forensics to the expertsÂ. A technical white paper explains that legal action against those who deliberately breach security controls depends on obtaining reliable IT forensic evidence and maintaining the chain of custody. Even something as innocuous as browsing system logs may taint the evidence and prevent its use in court.
Managers and directors are addressed through succinct management briefing papers and a sample policy on incident management is included in the kit. A mind map diagram gives an overview of the entire process.
The monthly topic-based awareness materials complement NoticeBoredÂs intranet system for managing information security policies, standards and guidelines. To find out more about NoticeBoredÂs innovative approach to information security awareness, visit http://www.NoticeBored.com.
About IsecT Ltd.
IsecT (ÂPutting security into ITÂ) is an independent British consultancy specializing in IT governance, information security, IT risk management and computer audit. Please visit http://www.isect.com for more information.
# # #