Why Information Assurance?
Military organizations, governments, Fortune 500 companies and other high profile bureaucracies with extremely valuable information seek extremely assured systems.
My Roget’s Super Thesaurus says this about the word assurance:
Assurance n. 1. CONFIDENCE security, sureness, courage, boldness, self-assurance, conviction.
Assured a. 1. GUARANTEED sure, certain, secure.
Organization that tend to critical systems require a higher level of assurance. And for good reason. They handle, process and store our Social Security Numbers, medical records, criminal records, pay checks, credit history and our National Security. They are literally the keepers of our digital lives.
Many see information assurance as a formality, something useless that is being forced on them by ridiculous laws and policies. Information assurance is often completely ignored until there is a disaster.
We require systems with a high level of assurance (or confidence) that will provide confidentiality, integrity and availability to data as advertised. Systems with no assurance can cost millions of dollars, loss of valuable data and even lives.
It is the job of a System Security Engineer (SSE) to evaluate and analyze a systems level of assurance so that the decision makers (CEOs, CIOs, senior officers, government officials, senior managers, et al) can make a sound judgment on what kind of responsibility they must shouldered and what kind of risks they are taking. In many ways the SSE is the eyes and ears of the decision maker.
I’m finding my job as an SSE more valuable every day as people become more dependent on Information and the systems that assure its safe passage.
My Roget’s Super Thesaurus says this about the word assurance:
Assurance n. 1. CONFIDENCE security, sureness, courage, boldness, self-assurance, conviction.
Assured a. 1. GUARANTEED sure, certain, secure.
Organization that tend to critical systems require a higher level of assurance. And for good reason. They handle, process and store our Social Security Numbers, medical records, criminal records, pay checks, credit history and our National Security. They are literally the keepers of our digital lives.
Many see information assurance as a formality, something useless that is being forced on them by ridiculous laws and policies. Information assurance is often completely ignored until there is a disaster.
We require systems with a high level of assurance (or confidence) that will provide confidentiality, integrity and availability to data as advertised. Systems with no assurance can cost millions of dollars, loss of valuable data and even lives.
It is the job of a System Security Engineer (SSE) to evaluate and analyze a systems level of assurance so that the decision makers (CEOs, CIOs, senior officers, government officials, senior managers, et al) can make a sound judgment on what kind of responsibility they must shouldered and what kind of risks they are taking. In many ways the SSE is the eyes and ears of the decision maker.
I’m finding my job as an SSE more valuable every day as people become more dependent on Information and the systems that assure its safe passage.
posted by elamb at 4:29 PM Permalink 
0 Comments:
Post a Comment
<< Home