Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Day 33 - Working with Management to Improve Processes

Published: 2008-11-02
Last Updated: 2008-11-03 15:34:53 UTC
by Mari Nichols (Version: 1)
0 comment(s)

We all understand that management level people are not normally involved with Incident Handling and may want to place the blame somewhere.  As professionals we need to keep management focused on the issue of exactly how the incident happened and use the opportunity to impress upon them the need for enhanced security.  This is your time to push for funding to fix your processes, technology and obtain improve incident handling capabilities.

One good method is to utilize visual aids to break down exactly what happened.  Using visual aids to demonstrate the incident will increase your chances that non-technical management will understand exactly what happened and to see where the weaknesses are in the system.  Once they understand the weaknesses in the system they are more likely to approve the funding to fix it.

If you have special ways you work with management, please contact us and let us know.

Mari Nichols    iMarSolutions

0 comment(s)
Diary Archives