The industry has approached the development of security management products in a “bottom-up” direction, providing key components of the security management functionality wherever this has been technically feasible. Vendors have focused on supporting management approaches with a significant following. For example, ITIL, COBIT, and ISO 27000 have provided focal points around which management products have clustered. Organizations should evaluate components that will deliver a significant return on investment (ROI) in their environments while providing a platform for the development of a more comprehensive security management environment.
Products in the security management category can deliver business benefits in the following areas:
They can provide the evidence to satisfy audit and compliance requirements, which in some business situations are mandatory obligations. In other situations, the information may be useful to reassure business partners and customers about the security of their intellectual property.
They can improve the effectiveness of the organization’s security efforts.
They can enable better security alignment of resources to the risks the organization faces, and therefore a better return on investment.
These benefits depend on the organization using the information that the tools provide. The task of converting the information provided by the tools into actions is not trivial. Management tools in general tend towards generating too much information and obscuring the key messages under a mountain of less important data. Therefore, tools should be judged by the extent to which they filter information and allow tailoring of alerts to business priorities. When interfacing with risk management activities, the main difficulty is in determining reliable quantitative information about risks. Business benefits depend on the relevance of the information obtained and the use that is made of it.
In the field of patch management, management products have to integrate with the patch delivery services of several application and platform vendors. These vendor patches may adversely impact larger organizations with more customized IT deployments if the patch conflicts with a customization that the organization has applied to the application. Organizations therefore try to apply patches in a periodic rollout strategy and test each group of updates before they are deployed. The security management tools then have to be integrated with the organization’s testing tools and processes.
Each of the regulations that impact businesses require organizations to deploy multiple security “controls” over their systems and processes. Every organization is subject to many laws and regulations. Fortunately, the same controls feature in multiple laws and regulatory regimes. Some security management tools help users rationalize these activities and avoid duplicating reports or controls.
Generally, the benefits of security management increase with the size of the organization. The need to use automated tools to collate, rationalize, and assimilate information from diverse sources increases with the size of the operation
To know more about this report & to buy a copy please visit :
Ph : 91-22-40583020
Website : www.visionshopsters.com
Visionshopsters specializes in providing comprehensive collection of online market research reports, events bookings, country reports, company profiles, latest books and magazines, customized research services offering informative solutions worldwide. We constantly believe in providing inventive solutions to clients all across the globe. Our clientele consists of over thousands of top most academic organizations, financial institutions, trading companies, legal service providers, accounting consultancies and other corporate business executives.