What should IT managers do to become aware of hazards that changing day by day and to improve their experiences?
Awareness of attacks threatening corporate information security and continuity of tracking them have vital role to ensure corporate security and to develop corporate strategies on this aspect. It should be kept in mind that security subject is a dynamic process; its target and content may modify. IT managers can follow notifications from security products that they are using or follow services posting information security announcements such as NDV (National Vulnerability Database) and iDefense.
Is it necessary to employ CSO (Chief Security Officer) or Whiter hacker within a company? What can be done to increase experienced and reliable human resource in our country?
Information is as important as other assets for each company. Therefore, it is very important to conduct risk analysis while defining security policies. It seems a right manner to employ CSO (Chief Security Officer) or Whiter hacker in accordance with requirements. However, department and people should be investigated very carefully. At least 3-4 times more expertise and training investment should be performed to increase experienced and reliable human resource. Comprehensive trainings should be arranged for combatting IT crimes in different expertise fields. Field success should be tested and certified.
What kind of attacks are the companies most frequently exposed recently?
Popular attack are “stopping/interrupting access to information” ( Ddos etc.) and confidentiality infringements for financial gain (bank and credit card fraud) recently in Turkey and all over the world. Attack types and purposes are changing by time. It should not be forgotten that international attacks such as information theft and service interruption may occur against systems like energy, defense, education, health..etc which are managed by digital systems.
What kind of risks are caused by (Bring your own device-BYOD) concept; What kind of measures do you take to minimize this threat?
In our era, due to diversifying technological developments; employees work with smart phones, tablets or other various storage units. Of course, this means that number and kind of devices you must control within your network increase. Hence, security devices should recognize and monitor these new environments. These kind of new and varying environments create extra load on the system, it should be determined in advance.
What is the area that is mostly ignored by the companies within total security strategies in Turkey?
According to researches, Turkish companies are ahead of world average in some information security aspects. Information security applications expenditures have also been increasing rapidly as compared to world average. Researches claim that serious security vulnerabilities are resulted from very simple mistakes. Therefore, security applications should be identified from simple structures to complex structures. Besides technical precautions, human factor –focused studies are also important. Another important issue is ensuring that defined policies are sustainable.
Security Policies
What should IT managers do to become aware of hazards that changing day by day and to improve their experiences?
Awareness of attacks threatening corporate information security and continuity of tracking them have vital role to ensure corporate security and to develop corporate strategies on this aspect. It should be kept in mind that security subject is a dynamic process; its target and content may modify. IT managers can follow notifications from security products that they are using or follow services posting information security announcements such as NDV (National Vulnerability Database) and iDefense.
Is it necessary to employ CSO (Chief Security Officer) or Whiter hacker within a company? What can be done to increase experienced and reliable human resource in our country?
Information is as important as other assets for each company. Therefore, it is very important to conduct risk analysis while defining security policies. It seems a right manner to employ CSO (Chief Security Officer) or Whiter hacker in accordance with requirements. However, department and people should be investigated very carefully. At least 3-4 times more expertise and training investment should be performed to increase experienced and reliable human resource. Comprehensive trainings should be arranged for combatting IT crimes in different expertise fields. Field success should be tested and certified.
What kind of attacks are the companies most frequently exposed recently?
Popular attack are “stopping/interrupting access to information” ( Ddos etc.) and confidentiality infringements for financial gain (bank and credit card fraud) recently in Turkey and all over the world. Attack types and purposes are changing by time. It should not be forgotten that international attacks such as information theft and service interruption may occur against systems like energy, defense, education, health..etc which are managed by digital systems.
What kind of risks are caused by (Bring your own device-BYOD) concept; What kind of measures do you take to minimize this threat?
In our era, due to diversifying technological developments; employees work with smart phones, tablets or other various storage units. Of course, this means that number and kind of devices you must control within your network increase. Hence, security devices should recognize and monitor these new environments. These kind of new and varying environments create extra load on the system, it should be determined in advance.
What is the area that is mostly ignored by the companies within total security strategies in Turkey?
According to researches, Turkish companies are ahead of world average in some information security aspects. Information security applications expenditures have also been increasing rapidly as compared to world average. Researches claim that serious security vulnerabilities are resulted from very simple mistakes. Therefore, security applications should be identified from simple structures to complex structures. Besides technical precautions, human factor –focused studies are also important. Another important issue is ensuring that defined policies are sustainable.