Information Security Specialist Training on the Basis of ISO/IEC 27002
نویسندگان
چکیده
Information Security (IS) specialists’ training for all sectors of trade, industry and government has never been more important as intellectual property and other sensitive or business-critical information becomes the life-blood of many companies today. Analysis of the experience collected within training of IS specialists at the Moscow Engineering Physics Institute (State University) (the MEPhI) at the Information Security Faculty allows forming the basic requirements to the level of their preparation. To form such requirements it is expedient to take a look at the types and tasks of professional activity of the graduates and to formulate their qualification characteristics. This paper formulates these characteristics on the basis of ISO/IEC 27002 (former ISO/IEC 17799:2005).
منابع مشابه
Security level analysis of academic information systems based on standard ISO 27002: 2003 using SSE-CMM
this research was conducted to find out the level of information security in organization to give recommendations improvements in information security management at the organization. This research uses the ISO 27002 by involving the entire clause that exists in ISO 27002 check-lists. Based on the analysis results, 13 objective controls and 43 security controls were scattered in 3 clauses of ISO...
متن کاملISO/IEC 27000, 27001 and 27002 for Information Security Management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognize...
متن کاملSecurity Evaluation supported by Information Security Mechanisms
Information security plays a key role in protection of organization’s assets. There exist a number of standards and guidelines providing huge lists of security controls that, if properly used, might be useful against cyber threats. However, these standards leave the process of controls selection to the organizations. Security manager has to carry out a decision on implementation of security con...
متن کاملAn Overview of Laws and Standards for Health Information Security and Privacy
In the complex technological world that healthcare organizations and their business associates operate, there exist security threats and attacks which render individually identifiable health information vulnerable. Laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. There are also standards that assist healthcar...
متن کاملSecurity Evaluation Model based on the Score of Security Mechansisms
Information security plays a key role in protection of organization’s assets. There exist a number of standards and guidelines providing huge lists of security controls that, if properly used, might be useful against cyber threats. However, these standards leave the process of controls selection to the organizations. Security manager has to carry out a decision on implementation of security con...
متن کامل