Security level management

Security level management (SLM) comprises a quality assurance system for information system security.

The aim of SLM is to display the information technology (IT) security status transparently across an organization at any time, and to make IT security a measurable quantity. Transparency and measurability are the prerequisites for improving IT security through continuous monitoring.

SLM is oriented towards the phases of the Deming Cycle/Plan-Do-Check-Act (PDCA) Cycle: within the scope of SLM, abstract security policies or compliance guidelines at a company are transposed into operative, measurable specifications for the IT security infrastructure. The operative aims form the security level to be reached. The security level is checked permanently against the current status of the security software used (malware scanner, update/patch management, vulnerability scanner, etc.). Deviations can be recognised at an early stage and adjustments made to the security software.

In corporate contexts, SLM typically falls under the range of duties of the chief security officer (CSO), the chief information officer (CIO), or the chief information security officer (CISO), who report directly to an executive board on IT security and data availability.

SLM is related to the disciplines of security information management (SIM) and security event management (SEM) (as well as their combined practice, security information and event management (SIEM)), which Gartner defines as follows: […] SIM provides reporting and analysis of data primarily from host systems and applications, and secondarily from security devices — to support security policy compliance management, internal threat management and regulatory compliance initiatives. SIM supports the monitoring and incident management activities of the IT security organization […]. SEM improves security incident response capabilities. SEM processes near-real-time data from security devices, network devices and systems to provide real-time event management for security operations. […]

SIM and SEM relate to the infrastructure for realising superordinate security aims, but are not descriptive of a strategic management system with aims, measures, revisions and actions to be derived from this. SLM unites the requisite steps for realising a measurable, functioning IT security structure in a management control cycle.

SLM can be categorised under the strategic panoply of IT governance, which, via suitable organisation structures and processes, ensures that IT supports corporate strategy and objectives. SLM allows CSOs, CIOs and CISOs to prove that SLM is contributing towards protecting electronic data relevant to processes adequately, and therefore makes a contribution in part to IT governance.

Defining the Security Level (Plan): Each company specifies security policies. It defines aims in relation to the integrity, confidentiality, availability and authority of classified data. In order to be able to verify compliance with these specifications, concrete objectives for the security software used in the company must be derived from the abstract security policies. A security level consists of a collection of measurable limiting and threshold values.
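The Plan step ends with a security level defined as a collection of measurable limiting and threshold values, and the Check step compares the current status of the security software against it. The following Python is an added illustration written for this page, not code from the original article; the metric names, threshold values and the sample tool status are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List

# Hypothetical operative target derived from an abstract policy: each metric
# carries a warning threshold (deviation starts here) and a hard limit (the
# security level is breached here), plus the direction of "better".
@dataclass(frozen=True)
class MetricSpec:
    name: str
    warning: float
    limit: float
    higher_is_better: bool

def evaluate(spec: MetricSpec, observed: float) -> str:
    """Classify one observed value as 'ok', 'warning' or 'breach'."""
    if spec.higher_is_better:
        if observed < spec.limit:
            return "breach"
        return "warning" if observed < spec.warning else "ok"
    if observed > spec.limit:
        return "breach"
    return "warning" if observed > spec.warning else "ok"

# Constructed security level for a policy such as "endpoints are protected
# and patched promptly"; the values are assumptions, not recommendations.
SECURITY_LEVEL: List[MetricSpec] = [
    MetricSpec("malware_signature_age_hours", warning=24, limit=72, higher_is_better=False),
    MetricSpec("critical_patch_coverage_pct", warning=98, limit=90, higher_is_better=True),
    MetricSpec("open_critical_vulns", warning=0, limit=5, higher_is_better=False),
]

def check_security_level(status: Dict[str, float], level=SECURITY_LEVEL) -> Dict[str, str]:
    """Check step: compare tool-reported status with the defined level.
    A metric the tools did not report is itself a deviation ('missing')."""
    return {
        spec.name: evaluate(spec, status[spec.name]) if spec.name in status else "missing"
        for spec in level
    }

def deviations(result: Dict[str, str]) -> List[str]:
    """Metrics that need adjustment: the input to the Act step."""
    return [name for name, state in result.items() if state != "ok"]

if __name__ == "__main__":
    # Constructed sample status from the malware scanner and patch management;
    # the vulnerability scanner has not reported, which is flagged as missing.
    current = {"malware_signature_age_hours": 30.0, "critical_patch_coverage_pct": 99.5}
    result = check_security_level(current)
    print(result, deviations(result))
```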
