Organizational Information Security from Scratch - A Guarantee for Doing It Right

The foundation for establishing the necessary protections and demonstrating the required diligence towards protecting your organization's proprietary information can be found in a security infrastructure that has been around in one form or another since the early 1990's. It provides a means to combine the technical protections (network firewalls, intrusion detection systems, traffic analyzers, etc.) with business processes (risk & vulnerability testing, information security policies and procedures, etc.) into an overall information security infrastructure. The purpose of this document is to provide an overview of this infrastructure and a strategy for implementing it.