Information Security Governance

The ultimate guide to Information Security Governance and Culture.

We are currently developing the ultimate guide to Information Security Governance and Information Security Culture. With the increasing complexity of IT infrastuctures in organisations, and increasing information warfare on the Internet, many organisations find that traditional approaches to Information Security manangement are no longer working. Most organisations are still basing their information security on the old 17799 security standard that was developed several decades ago, and are struggeling to copy with the increase in threats and vulnerabilities not addressed by current security standards.

In the current rapidly changing information security environment, just implementing state-of-the-art security is no longer adequate. Standards work well in a more static environment, but in this dynamic security environment you will have to be innovative in your security management approach, and go beyond what standards prescribe. Sometimes you will also have to ignore what these standards suggest and adjust your information security to the latest developments in security research.

More importantly, in a dynamic environment organizations will need to implement decentralised decision making to ensure the necessary flexibility and adaptability of their security posture. And, in such an environment of decentralised decision making it becomes extremely important to implement the right security governance structures and practices to ensure that consistently good decisions are being made.

We have put up the first version of our security culture pages and put up several pages in the resources section. At the moment we are working on the security management section. In the months to come we will extend this web site with information aimed at providing you new ideas on how to improve your security governance and culture and reduce the cost of higher levels of information security, in particular the maintenance of information security. In the mean time, if you are waiting impatiently, why not have a look at my academic papers on security governance and strategic context, which will give you a taste of what is to come.

Please bookmark this site, visit us often to see what's new, and help us by providing your feedback.

If this is the first time you visit this site, please read our disclaimer.

Security tutorials
Free resources

Affordable web hosting
and reliable

Web Hosting
web master guide

Bumper stickers
Funny stickers