Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Day 33 - Working with Management to Improve Processes - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Day 33 - Working with Management to Improve Processes

We all understand that management level people are not normally involved with Incident Handling and may want to place the blame somewhere.  As professionals we need to keep management focused on the issue of exactly how the incident happened and use the opportunity to impress upon them the need for enhanced security.  This is your time to push for funding to fix your processes, technology and obtain improve incident handling capabilities.

One good method is to utilize visual aids to break down exactly what happened.  Using visual aids to demonstrate the incident will increase your chances that non-technical management will understand exactly what happened and to see where the weaknesses are in the system.  Once they understand the weaknesses in the system they are more likely to approve the funding to fix it.

If you have special ways you work with management, please contact us and let us know.

Mari Nichols    iMarSolutions

Mari Nichols

76 Posts
Nov 3rd 2008

Sign Up for Free or Log In to start participating in the conversation!