Corporate Security Policy

« Back to DataSecurityPolicies.com

Corporate Security Policy

Randy Bias wrote a helpful article called Architecting Practical Corporate Security Policies here. I especially liked the Example Policy Framework and the suggestions on what should be included in a Corporate Security Policy.

Here’s an excerpt:

Corporate Security Policy
^{Audience: Executive Management, particularly the CSO, CISO, and Senior INFOSEC Staff}

This element is really the overarching framework within which the rest of your policies would be designed. It provides context for the entire policy framework, policy on creating policy, and pointers to which portions of the policy are relevant for which audiences.

Encompassed within the corporate security policy might be 5 key areas (in order):

Risk Management Policy

Core Policies

Vendor & Service Provider Evaluation Policies

Processes & Procedures

Compliance Policy

Very useful info! Check it out!

This entry was posted on Tuesday, October 16th, 2007 at 11:31 pm and is filed under Corporate Security Policy, Security Policies. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Recent Data Breaches

T-Mobile Says It Wasn't Hacked, No Customer Data Stolen (Brighthand)

Posted 14 months ago

Over the weekend, a group of hackers began claiming to have broken into T-Mobile USA servers, but this wireless phone company says it has no evidence that this group actually has the customer data it claims to. [Link]

T-Mobile confirms stolen data is genuine (Macworld)

Posted 14 months ago

T-Mobile confirmed on Tuesday that internal information posted on the Internet by hackers was stolen from its systems. [Link]

T-Mobile: Customer data wasn't compromised in security breach (Mobile Burn)

Posted 14 months ago

T-Mobile confirmed today that confidential internal information obtained by hackers was stolen from T-Mobile's servers, but said that it doesn't appear that customer data has been breached. [Link]

Insurance firm breaches Data Protection Act (VNU Net via Yahoo! UK & Ireland News)

Posted 14 months ago

The Information Commissioners Office (ICO) has found insurer Amicus Legal in breach of the Data Protection Act after the firm reported an unencrypted laptop was stolen containing personal information relating to 100,000 customers. [Link]

T-Mobile Admits Customer Data Was Stolen (Phone Scoop)

Posted 14 months ago

T-Mobile issued the following statement regarding reports of a breach in its data systems. "To reaffirm, the protection of our customers' information and the security of our systems is paramount at T-Mobile. Regarding the recent claim on a Web ... (follow link to read) [Link]

T-Mobile admits stolen data is genuine (TechWorld)

Posted 14 months ago

But denies its signifcance. T-Mobile confirmed that internal information posted on the Internet by hackers was stolen from its systems, but said it does not appear customer data is in jeopardy. [Link]

T-Mobile Data For Sale? (Digital Trends)

Posted 14 months ago

Hackers claim to have stolen T-Mobile customer data, and are offering it for sale online. [Link]

T-Mobile Confirms Stolen Data Is Genuine (PC World via Yahoo! News)

Posted 14 months ago

T-Mobile confirmed on Tuesday that internal information posted on the Internet by hackers was stolen from its systems, but said it does not appear customer data is in jeopardy. [Link]

Hackers try to sell stolen T-Mobile data (PC Advisor)

Posted 14 months ago

Mobile network investigating forum claims T-Mobile is investigating how internal data was stolen from the mobile network's servers. [Link]

T-Mobile confirms stolen data is genuine (Computerworld)

Posted 14 months ago

IDG News Service - T-Mobile confirmed today that internal information posted on the Internet by hackers was stolen from its systems, but said it does not appear customer data is in jeopardy. [Link]

T-Mobile Confirms Stolen Data is Genuine (CIO)

Posted 14 months ago

T-Mobile confirmed on Tuesday that internal information posted on the Internet by hackers was stolen from its systems, but said it does not appear customer data is in jeopardy. [Link]

Hackers thought to have stolen T-Mobile data (PC Advisor)

Posted 14 months ago

Mobile network investigating forum claims T-Mobile is investigating claims that internal data has been stolen from the mobile network's servers. [Link]

T-Mobile Confirms Stolen Data Is Genuine (PC World)

Posted 14 months ago

T-Mobile confirmed on Tuesday that internal information posted on the Internet by hackers was stolen from its systems. [Link]

Hackers offer T-Mobile data to highest bidder (VNU Net via Yahoo! UK & Ireland News)

Posted 14 months ago

A group of hackers claims to have completely cracked T-Mobile's network in the US, and stolen proprietary operating data, customer databases and financial records. [Link]

Hackers offer T-Mobile data for sale to highest bidder (VNU Net via Yahoo! UK & Ireland News)

Posted 14 months ago

A group of hackers is claiming to have completely cracked T-Mobiles network in the Unites States and stolen proprietary operating data, customer databases and financial records. [Link]

Hackers offer T-Mobile data to highest bidder (vnunet.com)

Posted 14 months ago

Iain Thomson in San Francisco, vnunet.com , Tuesday 9 June 2009 at 02:34:00 Group claims to have completely cracked T-Mobile A group of hackers claims to have completely cracked T-Mobile's network in the US, and stolen proprietary operating data, customer databases and financial records.... [Link]

Alleged T-Mobile Data Offered To Highest Bidder (InformationWeek)

Posted 14 months ago

A note offering the data for sale says that the company's databases, confidential documents, and financial documents were stolen. [Link]

Network Security: To Know It Is to Better Secure It (Enterprise IT Planet)

Posted 14 months ago

A security expert at Cyber Infrastructure Protection '09 revealed that most data breaches occur in places on the network that are not monitored or secure. Knowing your network well enables you to block many of these attacks. [Link]

Massive T-Mobile breaches (p2pnet.net)

Posted 14 months ago

p2pnet news view Mobiles | Security:- There’ve been unconfirmed reports of massive T-Mobile breaches, says p2pnet World Headlines compiler Marc, citing Channelinsider, the first being »»» Early reports indicate that hackers have penetrated the T-Mobile U.S. network and stolen proprietary operating data, customer databases and financial records. According to a post on insecure.org, [...] [Link]

New App Aims to Plug Holes in Leaky Enterprise Data Hulls (TechNewsWorld.com)

Posted 14 months ago

Trend Micro on Monday announced LeakProof 5.0, designed to reduce the complexity and cost often associated with the discovery, monitoring and blocking of sensitive enterprise data. New features are built around the Active Update service and language-independent fingerprinting technology the company calls "DataDNA." Leakproof 5.0 will be available June 22. [Link]

About the RSS Aggregator

Security News Feed

EMC, Intel team up on cloud security, compliance

Posted 5 months ago

EMC, RSA, VMware and Intel have announced a new collaboration to introduce a framework encompassing security and compliance for cloud computing in the enterprise space. by Kevin Kwang ZDNet Asia [Link]

LHC to restart following break and glitches

Posted 5 months ago

The The Large Hadron Collider, the world's largest particle accelerator is to restart on Monday following a technical break and glitches in the machine. by Tom Espiner ZDNet UK [Link]

Google launches people finder for Chile earthquake

Posted 5 months ago

Google has launched a tool to help people locate friends and loved ones who might have been affected by the 8.8 magnitude earthquake in Chile on Saturday. by Steven Musil CNET News [Link]

Skype drops Windows Mobile and Skype Lite

Posted 5 months ago

Skype has announced it is pulling Skype for Windows Mobile phones and Skype Lite for Java handsets, including Android. by Jessica Dolcourt CNET News [Link]

Next Firefox to drop Mac OS X 10.4 support

Posted 5 months ago

Mozilla has officially decided that the next major version of Firefox will require at least Mac OS X 10.5 when running on Apple computers. by Stephen Shankland CNET News [Link]

Cisco embarks on media-centric Internet thrust

Posted 5 months ago

The Internet is moving away from being a data transportation and messaging platform, into a space filled with integrated rich-media content, according to Cisco Systems. by Kevin Kwang, ZDNet Asia [Link]

Google execs convicted in YouTube Italy case

Posted 5 months ago

An Italian court handed out guilty verdicts on Wednesday for three of four Google executives charged a case concerning a YouTube video posted of a teenager with Down Syndrome. by Stephen Shankland CNET News [Link]

Reducing the high cost of low-value applications

Posted 5 months ago

The speed of technology advancements and rapid pace of today?s business environment often force companies to rely on an application long after it has ceased to provide maximum value, says Keane's Walid Farha. by Walid Farha, Keane, Special to ZDNet [Link]

The growing need for a flexible governance and risk management framework

Posted 5 months ago

Neither regulations nor security threats are going away but the right approach to compliance and risk management can be less expensive than the way most organizations tackle these situations today, says Novell's Jay Roxe. by Jay Roxe, Novell, Special to ZDNet [Link]

Uncovering hidden mobile costs

Posted 5 months ago

Today, with a lagging economy, those charged with finding savings within their organizations wonder if opportunities to reduce costs still exist; and if so, where they can be found, says Al Subbloie CEO of Tangoe, Inc. by Al Subbloie, Tangoe, Inc., Special to ZDNet [Link]

All your power needs in a box? A Bloom box

Posted 5 months ago

Bloom Energy claims its invention, a little power plant-in-a-box you can literally in your backyard, is a power source that's inexpensive and clean, with no emissions. by CBS Interactive Staff [Link]

Mozilla patches critical Firefox bugs

Posted 5 months ago

Mozilla has released fixes for five security holes in older versions of Firefox, while a security company has warned of a zero-day flaw in the latest version of the popular browser. by Matthew Broersma [Link]

Zeus Trojan infects 74,000 PCs in global botnet

Posted 5 months ago

More than 74,000 PCs at nearly 2,500 organizations around the world were compromised over the past year-and-a-half, in a botnet infestation designed to steal login credentials to bank sites, social networks and email systems. by Elinor Mills CNET News [Link]

About the RSS Aggregator


First Name:
Email:

Leave a Reply

Get the BEST security policies reference book!

Recent Data Breaches

Archives

Categories

Information Security

Links

Security Policies

Security News Feed