It is now widely accepted that esecurity (ecommerce security) is a business issue. Equally, it is largely expected that esecurity reviews will be business related, with cost-justified solutions and recommendations.
In addition, as organizations seek a better and more visible return on their ecommerce security budgets, many adopt new approaches to the traditional constraints of lack of esecurity expertise, time and finance.
Often, a formal security risk analysis or risk assessment technique is employed. However, conventional methods and tools simply do not address the new demands placed by the ecommerce environment and business management. Some go part of the way, but tend to introduce their own drawbacks and difficulties. And what of ISO 17799 (BS7799)?
To tackle these problems and issues, an entirely new methodology had to be developed. This followed years of research and was produced in full co-operation with one of the world's major financial institutions.
It was recognised that business users should be involved from the outset. This carries a number of advantages, and shapes the entire review. In addition, a number of other radical departures were called for. The result was a risk analysis methodology and esecurity tool that meets the most stringent of requirements, fully satisfying the changing demands placed upon the security or audit team.
The following pages will examine:
Utilising the COBRA system enables BOTH these essential tasks to be undertaken with the minimum of fuss, expense or difficulty. It is the most cost-effective and straightforward route to ensure that security is commensurate with risk and is in line with the demands of the ISO 17799 / BS7799 standard.
For more information on the COBRA system, please do not hesitate to contact us.
Copyright © 2000 C & A Systems Security Ltd