Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
IT Security Management (ITSM)
Definition - What does IT Security Management (ITSM) mean?
IT security management (ITSM) intends to guarantee the availability, integrity and confidentiality of an organization's data, information and IT services. IT Infrastructure Library (ITIL) security management generally forms part of an organizational strategy to security management that has a broader scope compared to an IT service provider.
ITIL v3 considers IT security management as part of their service design core volume, which results in a more effective integration of this process into the service life cycle. An information security manager is the process owner of IT security management.
Techopedia explains IT Security Management (ITSM)
The following are information management sub-processes and process objectives:
- Designing security controls: To design suitable organizational and technical measures to guarantee the availability, integrity and confidentiality of an organization's data, information and IT services
- Security testing: To ensure that all security mechanisms are subjected to regular testing
- Managing security incidents: To identify and fight intrusions and attacks and also to minimize damages incurred due to security breaches
- Security review: To review whether the safety measures and processes are still in accordance with risk perceptions from the business side, and also to validate whether these safety measures and processes are consistently managed and tested
The ITIL terms and information objects that are widely used in the security management process in order to signify process inputs and outputs are as follows:
- Availability/IT service continuity management (ITSCM)/security testing schedule
- Correlation rules and event filtering
- Information security policy
- Information security report
- Security management information system (SMIS)
- Test report
- Underpinning Information security policy
- Security advisories
- Security alert
-
Indications of Compromise - A recent study investigated the cybersecurity preparedness of 400 SMBs and enterprises across the US and the UK. The survey revealed unsettling overconfidence among respondents that a major breach or attack won’t happen to them. -
CYBERSECURITY: CAN OVERCONFIDENCE LEAD TO AN EXTINCTION EVENT? - A 2016 Malwarebytes study found that 40% of businesses were hit with a ransomware virus in the previous year, with 20% of those affected having to close up shop as a result. To retain your clients, you need to keep them safe.
