Seven Pieces of Advice to Improve Your Information Security
Best Practices from the Enterprise’s Point of View
This work is licensed under a Creative Commons Attribution 4.0 International License.
The copyright to this article is transferred to the University of Public Service Budapest, Hungary (for U.S. government employees: to the extent transferable) effective if and when the article is accepted for publication. The copyright transfer covers the exclusive right to reproduce and distribute the article, including reprints, translations, photographic reproductions, microform, electronic form (offline, online) or any other reproductions of similar nature.
The author warrants that this contribution is original and that he/she has full power to make this grant. The author signs for and accepts responsibility for releasing this material on behalf of any and all co-authors.
An author may make an article published by University of Public Service available on a personal home page provided the source of the published article is cited and University of Public Service is mentioned as copyright holder
Abstract
Establishing and operating an effective information security management system within an organization is never an easy job. Organizational culture, management support, budget restrictions and many other factors affect the security efforts of a company. Although the information security academic literature is growing, there is no clear guidance in several fields of the topic, therefore the life-tested best practices can be a useful aid in operating such systems. The aim of this paper is to provide a short guidance regarding the basic steps of a beginner information security manager, and maybe to give some useful thoughts to the experienced officers, as well.