Despite many accepted IT security standards, many IT projects fail at IT security. This also includes for instance (‘smart’) products that just include information technology in small proportion. What needs to be considered, what mistakes and pitfalls to avoid?
Most IT projects have a tight budget. Only in rare cases, a project manager has access to unlimited financial resources. This applies to projects of both large and small businesses alike but usually the smaller the company the bigger the problem. If security cannot be used as a (unique) selling point for a product or for the development of a system, the project manager often has a hard job to acquire proper and adequate resources for security.
No matter if you are a manager in a small company or even on your own or if you are part of a large enterprise with information security management in place. This pragmatic guide helps you to understand information security on a high level and how to integrate security in your project or product. What needs to be done for long-term success and why? The author, Computer Scientist Frank Hissen, explains it in a few practical steps from over 15 years of experience as IT security consultant:
Motivation: IT Security Holes in Projects and Products
Enforce IT Security in Projects
IT Security in Projects: From the very beginning!
Security is a Process
IT Security Standards
Do the same for Data Privacy / Protection Laws!
Checklist for Project Managers
Conclusion
.