Topic: Building a Comprehensive Security Architecture Framework
Speaker: Mark Whitteker, MSIA, CISSP, GSNA, GCFA
When: December 1, 2010 1PM-430PM
Where: RTI Dreyfuss Auditorium
Cost: ISACA RTC Member - Free; Affiliated Organizations: $25; All Others: $40
CPEs: Upto 3
Handouts (must be logged in to download): Building a Security Architecture Framework (PDF) - December 1 2010 Session (2.04 MB) Building a Security Architecture Framework - December 1 2010 Session (4.58 MB)
When an organization is first established, its information assurance program must be highly reactive. The business is continually metamorphosing, refining its mission and goals as it grows into its niche market. As a consequence, the security needs of the organization are under constant flux, requiring the security team to be flexible in delivering tactical solutions and stopgap measures to meet those ad hoc requirements. While this is a natural progression of most organizations, it often results in an information assurance program containing numerous security gaps and a lack of clear direction and purpose.
As an organization grows and matures, the need to address security at a strategic level becomes readily apparent. The ability to streamline the compliance process and adopt a standardized security model to manage risks and continually improve is a must. Cisco has recognized that reality, and as a result, has developed a scalable and comprehensive security architecture framework that addresses an organization’s security needs at a strategic level. By mapping industry standards to internal policies, procedures and security services, we have created an effective framework that can meet the needs of any organization, regardless of industry or market.
Mark Whitteker, MSIA, CISSP, GSNA, GCFA