
Security level management

Security level management (SLM) is a quality assurance system for electronic information security.

The aim of SLM is to make the IT security status of a company transparent at any time and to turn IT security into a measurable quantity. Transparency and measurability are the prerequisites for monitoring IT security proactively, so that it can be improved continuously.

SLM follows the phases of the Deming cycle (Plan-Do-Check-Act, PDCA): the abstract security policies or compliance guidelines of a company are transposed into operative, measurable specifications for the IT security infrastructure. These operative aims form the security level to be reached.

The security level is checked continuously against the current performance of the security systems (malware scanners, patch systems, etc.). Deviations can be recognised early and the security systems adjusted. SLM falls under the duties of the chief security officer (CSO), the chief information officer (CIO) or the chief information security officer (CISO), who report directly to the executive board on IT security and data availability.

Classification

SLM is related to the disciplines of security information management (SIM) and security event management (SEM), which the analysts Gartner summarise as security information and event management (SIEM) in their Magic Quadrant for Security Information and Event Management and define as follows: "[…] SIM provides reporting and analysis of data primarily from host systems and applications, and secondarily from security devices — to support security policy compliance management, internal threat management and regulatory compliance initiatives. SIM supports the monitoring and incident management activities of the IT security organization […]. SEM improves security incident response capabilities. SEM processes near-real-time data from security devices, network devices and systems to provide real-time event management for security operations. […]"

SIM and SEM describe the infrastructure for realising superordinate security aims, but not a strategic management system from which aims, measures, reviews and actions are derived. SLM unites the steps required for a measurable, functioning IT security structure in a management control cycle.

SLM can be categorised under the strategic umbrella of IT governance, which, via suitable organisational structures and processes, ensures that IT supports corporate strategy and objectives. SLM allows CSOs, CIOs and CISOs to demonstrate that IT security adequately protects the electronic data relevant to business processes, and in this way contributes in part to IT governance.

The Steps towards SLM

Defining the Security Level (Plan): Each company specifies security policies. Executive management defines aims relating to the integrity, confidentiality, availability and authenticity of classified data. In order to verify compliance with these specifications, concrete aims for the individual security systems of the company must be derived from the abstract security policies. A security level consists of a collection of measurable limiting and threshold values.

Example: an operative aim such as "the anti-virus systems at our UK sites must be up to date no later than four hours after publication of the current definitions" is derived from a superordinate security policy such as "our employees should be able to work without interruption."

Limiting and threshold values are specified separately for different sites, locations and countries, because the IT infrastructure on site and other local determining factors must be taken into account.

Example: office buildings in the UK are normally equipped with high-speed dedicated lines, so it is realistic to limit the deadline for supplying all computers with the newest anti-virus definitions to a few hours. For a factory in Asia with a slow modem link to the Internet, a realistic limiting value has to be set somewhat higher.

The IT control framework Control Objectives for Information and Related Technology (COBIT) gives companies instructions for transposing superordinate, abstract aims into measurable aims in a few steps.

Collecting and Analysing Data (Do): Information on the current status of the systems can be gleaned from the log files and status reports provided by the individual anti-virus, anti-spyware or anti-spam consoles. Vendor-independent monitoring and reporting solutions that analyse the applications of all software vendors simplify and accelerate data collection.

Checking the Security Level (Check): SLM prescribes the continual reconciliation of the defined security level with the currently measured values. Automated real-time reconciliation supplies the company with a permanent status report on the security status across all locations.

Adjusting the Security Structure (Act): Effective SLM allows trend analyses and long-term comparative assessments. Through rolling observation of the security level, weak spots in the network can be identified early and appropriate adjustments made proactively to the security systems.
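The four steps above, carried through as an added example that is not part of the original article and not the code of any SLM product: the per-site limiting values form the security level (Plan), a handful of constructed anti-virus console status lines supply the measured values (Do), a check function reconciles the two and records each deviation (Check), and a summary per site gives the Act step its input. The site names, the line format and the threshold values are assumptions made for the example.

```python
"""Security-level check in the SLM sense (added example, not from the article).

Plan  -> SECURITY_LEVEL: maximum permitted lag, per site, between publication
         of an anti-virus definition and its application on every host.
Do    -> STATUS_REPORT: constructed status lines in an assumed export format
         "<report-ts> <host> <site> key=value ...".
Check -> check_security_level(): reconciles measured lag with the level.
Act   -> summarize() / deviating_hosts(): what to adjust, and where.
All site names, hosts, timestamps and thresholds are hypothetical.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import datetime, timedelta

# Plan: the security level as measurable limiting values, set per site because
# a UK office on a fast line and a factory on a slow link cannot share one value.
SECURITY_LEVEL: dict[str, timedelta] = {
    "uk-london": timedelta(hours=4),
    "uk-leeds": timedelta(hours=4),
    "asia-factory": timedelta(hours=24),
}

# Do: constructed console status lines (assumed format, hypothetical data).
STATUS_REPORT = """\
2024-03-02T12:00:00Z host01 uk-london definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-01T09:30:00Z
2024-03-02T12:00:00Z host02 uk-london definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-01T08:20:00Z
2024-03-02T12:00:00Z host03 uk-leeds definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-01T12:15:00Z
2024-03-02T12:00:00Z host04 asia-factory definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-02T01:00:00Z
2024-03-02T12:00:00Z host05 asia-factory definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-02T10:00:00Z
2024-03-02T12:00:00Z host06 us-newyork definitions_published=2024-03-01T08:00:00Z definitions_applied=2024-03-01T08:05:00Z
2024-03-02T12:00:00Z host07 uk-london definitions_published=2024-03-02T10:00:00Z
2024-03-02T12:00:00Z host08 uk-leeds agent_state=offline
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<site>\S+)\s*(?P<kv>.*)$")


def _parse_ts(value: str) -> datetime:
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


@dataclass(frozen=True)
class Finding:
    host: str
    site: str
    status: str  # "ok", "pending", "deviation", "no-threshold" or "no-data"
    lag: timedelta | None


def check_security_level(report: str, level: dict[str, timedelta]) -> list[Finding]:
    """Check step: compare each host's measured lag with its site's limit."""
    findings: list[Finding] = []
    for raw in report.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if not m:
            # An unparseable line is a measurement gap, never a silent pass.
            findings.append(Finding("?", "?", "no-data", None))
            continue
        host, site = m["host"], m["site"]
        fields = dict(item.split("=", 1) for item in m["kv"].split() if "=" in item)
        published = fields.get("definitions_published")
        if published is None:
            findings.append(Finding(host, site, "no-data", None))
            continue
        applied = fields.get("definitions_applied")
        # Not applied yet: the lag is still growing, so measure it up to the
        # time of the report rather than treating the host as compliant.
        end_at = _parse_ts(applied) if applied else _parse_ts(m["ts"])
        lag = end_at - _parse_ts(published)
        limit = level.get(site)
        if limit is None:
            status = "no-threshold"  # site has no defined level: flag it, do not pass it
        elif lag > limit:
            status = "deviation"
        elif applied is None:
            status = "pending"
        else:
            status = "ok"
        findings.append(Finding(host, site, status, lag))
    return findings


def summarize(findings: list[Finding]) -> dict[str, dict[str, int]]:
    """Per-site status counts: the rolling picture the Act step works from."""
    summary: dict[str, dict[str, int]] = {}
    for f in findings:
        counts = summary.setdefault(f.site, {})
        counts[f.status] = counts.get(f.status, 0) + 1
    return summary


def deviating_hosts(findings: list[Finding]) -> list[str]:
    """Hosts that breached their site's limiting value, in report order."""
    return [f.host for f in findings if f.status == "deviation"]


if __name__ == "__main__":
    results = check_security_level(STATUS_REPORT, SECURITY_LEVEL)
    for f in results:
        print(f"{f.host:7} {f.site:13} {f.status:13} {f.lag}")
    print(summarize(results))
    print("act on:", deviating_hosts(results))
```

Two caveats a practitioner would want: a host whose site has no defined limiting value is reported as "no-threshold" rather than passed, because an unspecified level is a gap in the Plan step, not a compliant measurement; and a host that reports no definition data at all is recorded as "no-data", because a console that has stopped reporting is exactly the kind of deviation that a threshold on applied definitions alone would never show.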

See also

Besides specifying the requirements for establishing, implementing, operating, monitoring, maintaining and improving a documented information security management system, ISO/IEC 27001 also specifies requirements for implementing suitable security controls.

ITIL, a collection of best practices for IT service management processes, goes far beyond IT security. In this context it supplies criteria for how security officers can conceive IT security as an independent, qualitatively measurable service and integrate it into the universe of business-process-oriented IT processes. ITIL also works top-down with policies, processes, procedures and job-related work instructions, and assumes that both superordinate and operative aims need to be planned, implemented, controlled, evaluated and adjusted.

Gordon–Loeb model for cyber security investments.

External links

  • COBIT: summary and material from the German chapter of ISACA (German)
  • COBIT 4.0 (German, PDF)
  • ISO/IEC 27000: The ISO 27000 Directory; International Organization for Standardization
  • ITIL: "ITIL and Information Security" (ITIL und Informationssicherheit), Federal Office for Information Security (BSI), Germany (German)
  • "How ITIL can improve Information Security", securityfocus.com (English)
  • Official ITIL website of the British Office of Government Commerce (English)
