We need to build security into all our technology solutions!
By Dan Swanson
Dan Swanson, a senior security and internal audit professional, provides his list of recommended resources for AuditNet readers. If you have questions about this page or the links, you can reach Dan at www.securitybenchmark.com and dswanson_2008@yahoo.com.
For more IT and Information Security resources check out the latest Taylor and Francis publications.
My first column for 2010 highlights my favorite security newsletter, Gary Hinson's monthly security awareness newsletter, and raises a very fundamental IT management issue: are you reducing or increasing your security challenges going forward?
As most people realize, we need to implement effective security by building it into our IT systems, not bolting it on just prior to implementation. Some resources to assist your understanding of the many issues involved, and suggestions to move us forward, are provided below.
A key question for 2010: Does your organization incorporate security as part of its software acquisition process and its system development life cycle (SDLC) process? And what can be done to make it even more “integrated”?
In closing, I welcome hearing about the critical issues facing your organization and some of your “lessons learned” in tackling them. Please contact me at dswanson_2008@yahoo.ca.
Have another great month.
Dan Swanson
NoticeBored newsletter
Download January's NB newsletter on secure software development
Despite being an unconventional security awareness topic (one that few awareness programs appear to cover), I hope the newsletter is of interest to your organization, and not just the IT department.
1. Navigating the Security Practice Landscape
2. CWE™ provides a unified, measurable set of software weaknesses
3. CWE/SANS TOP 25 Most Dangerous Programming Errors

