新书推介:《语义网技术体系》
作者:瞿裕忠,胡伟,程龚
   XML论坛     >>W3CHINA.ORG讨论区<<     计算机科学论坛     SOAChina论坛     Blog     开放翻译计划     新浪微博  
 
  • 首页
  • 登录
  • 注册
  • 软件下载
  • 资料下载
  • 核心成员
  • 帮助
  •   Add to Google

    >> 计算机英语求助,计算机英语翻译互助
    [返回] W3CHINA.ORG讨论区 - 语义网·描述逻辑·本体·RDF·OWL休息区『 计算机英语 』 → CSO的崛起: 安全侵袭高级管理 查看新帖用户列表

      发表一个新主题  发表一个新投票  回复主题  (订阅本版) 您是本帖的第 2714 个阅读者浏览上一篇主题  刷新本主题   树形显示贴子 浏览下一篇主题
     * 贴子主题: CSO的崛起: 安全侵袭高级管理 举报  打印  推荐  IE收藏夹 
       本主题类别:     
     雄鹰在线 帅哥哟,离线,有人找我吗?
      
      
      威望:5
      头衔:雄鹰在线CEO
      等级:研二(中了一篇ISWC(版主)
      文章:1083
      积分:5869
      门派:XML.ORG.CN
      注册:2003/10/7

    姓名:(无权查看)
    城市:(无权查看)
    院校:(无权查看)
    给雄鹰在线发送一个短消息 把雄鹰在线加入好友 查看雄鹰在线的个人资料 搜索雄鹰在线在『 计算机英语 』的所有贴子 访问雄鹰在线的主页 引用回复这个贴子 回复这个贴子 查看雄鹰在线的博客楼主
    发贴心情 CSO的崛起: 安全侵袭高级管理


    As chief security officer (CSO) of Portland, Maine-based electronic payment provider Clareon, Frank Jaffe is responsible for everything from deciding which security products to buy, to making sure users' passwords are strong enough.

    "My job is not a technical job, though I deal with a lot of technology. I have a more business-practice role," said Jaffe.

    Jaffe sees his role as fostering a corporate environment that values security. For example, he holds yearly security training sessions that are mandatory -- even for the CEO.

    Jaffe also has a monthly contest pitting his Unix administrators against his Windows administrators to see who has the more secure systems. "What they get out of it is bragging rights, which is a big reward," he said.

    Jaffe also uses cracking tools to periodically check the security of employee passwords. If an employee has three weak passwords in a row, they are assigned a new password. "They know they won't like the password I assign them," Jaffe said.

    A few years ago, a position like Jaffe's would have been unusual. Today, however, more than 200 companies have chief security officers according to analyst firm Giga Information Group in Cambridge, Mass. While the title shows businesses' increased awareness toward security issues, some may question the need to appoint a CSO. After all, shouldn't the CIO handle security?

    Experts say it may be unfair to expect CIOs to shoulder all the weight of security matters.

    CIOs tend to know how to create great networks and other infrastructure, but security is probably not their forte, said Sondra Schneider, CEO and founder of Security University, a security training company in Stamford, Conn. "They can build a great house, but they aren't too familiar with locks and home security systems," she said.

    In many companies, security is delegated to someone at a lower level. Yet the same executives offloading these responsibilities wouldn't think twice about spending their energies, say, evaluating insurance -- a practice similar in importance to security, Schneider said.

    For companies who choose to have a CSO, there is a lot of variation in how that person fits into the corporate hierarchy. Generally, CSOs tend to report to the CIO. Yet in some companies, the CSO is in the upper echelon of management -- on par with the CTO and CIO.

    Some companies have adopted other monikers for the position:

    Chief Security Architect
    Chief Information Security Officer
    Security Manager
    Corporate Security Officer
    Information Security Manager
    Additionally, an existing high-level executive can wear the CSO hat along with his or her other titles.

    For example, Dave Juitt is both the CTO and the chief security architect of Burlington, Mass.-based Bluesocket, which specializes in securing wireless local area networks. His duties range from supervising security training of personnel to explaining security issues to the board of directors.

    Juitt is bilingual in both the language of technology and of business. He can talk about firewalls and intrusion-detection systems with his network people, but he can also discuss how security impacts business needs with the company's board of directors. His job, however, is not to get lost in the technology but to see how it will help the company achieve its business goals.

    "You can have the best technology in the world but without education, policy and ongoing testing, you haven't even started," Juitt said.

    There's no escaping the fact that having a CSO (or similar position) holds some public relations value for a company. It tells prospective clients or customers that the company is serious about security. Juitt, however, sees this sort of thinking as short-lived.

    Over time, people will start to see security as part of business and expect it much like quality and assurance, Juitt said. "There is not a lot of public relations value in a QA department. [Yet,] you are expected to have one," he said.


       收藏   分享  
    顶(0)
      




    ----------------------------------------------

    雄鹰在线 http://www.cso.com.cn
    博客雄鹰 http://cso.blogger.org.cn

    点击查看用户来源及管理<br>发贴IP:*.*.*.* 2005/10/10 17:05:00
     
     GoogleAdSense
      
      
      等级:大一新生
      文章:1
      积分:50
      门派:无门无派
      院校:未填写
      注册:2007-01-01
    给Google AdSense发送一个短消息 把Google AdSense加入好友 查看Google AdSense的个人资料 搜索Google AdSense在『 计算机英语 』的所有贴子 访问Google AdSense的主页 引用回复这个贴子 回复这个贴子 查看Google AdSense的博客广告
    2024/11/26 12:22:51

    本主题贴数1,分页: [1]

    管理选项修改tag | 锁定 | 解锁 | 提升 | 删除 | 移动 | 固顶 | 总固顶 | 奖励 | 惩罚 | 发布公告
    W3C Contributing Supporter! W 3 C h i n a ( since 2003 ) 旗 下 站 点
    苏ICP备05006046号《全国人大常委会关于维护互联网安全的决定》《计算机信息网络国际联网安全保护管理办法》
    2,492.188ms