Abstract: . . .  are still in their infancy, and undoubtedly ISO 17799 will evolve over time as deficiencies are addressed. The recently formed Center for Internet Security ( www.cisecurity.org ), a consortium of more than 100 organizations chartered to deal with due diligence, among other issues, has adopted BS 7799 as a foundational standard. The flexibility of ISO 17799 is such that work done toward it should transfer to any emerging information security standard that may be deemed preferable in the future. ISO 17799 is, after all, nothing more than applied and documented “best practices.” We expect to see an ever-increasing demand for information security certification. This phenomenon will be driven by many factors, including: • Regulatory requirements, such as HIPAA • Marketing incentives, particularly in e-commerce and finance • Financial incentives, such as insurance premium reductions • Corporate “due diligence” concerns All of these examples represent growth opportunities and challenges to all . . .
. . .  still in their infancy, and undoubtedly ISO 17799 will evolve over time as deficiencies are addressed. The recently formed Center for Internet Security ( www.cisecurity.org ), a consortium of more than 100 organizations chartered to deal with due diligence, among other issues, has adopted BS 7799 as a foundational standard. The flexibility of ISO 17799 is such that work done toward it should transfer to any emerging information security standard that may be deemed preferable in the future. ISO 17799 is, after all, nothing more than applied and documented “best practices.” We expect to see an ever-increasing demand for information security certification. This phenomenon will be driven by many factors, including: • Regulatory requirements, such as HIPAA • Marketing incentives, particularly in e-commerce and finance • Financial incentives, such as insurance premium reductions • Corporate “due diligence” concerns All of these examples represent growth opportunities and challenges to all practitioners . . .
. . .  are still in their infancy, and undoubtedly ISO 17799 will evolve over time as deficiencies are addressed. The recently formed Center for Internet Security ( www.cisecurity.org ), a consortium of more than 100 organizations chartered to deal with due diligence, among other issues, has adopted BS 7799 as a foundational standard. The flexibility of ISO 17799 is such that work done toward it should transfer to any emerging information security standard that may be deemed preferable in the future. ISO 17799 is, after all, nothing more than applied and documented “best practices.” We expect to see an ever-increasing demand for information security certification. This phenomenon will be driven by many factors, including: • Regulatory requirements, such as HIPAA • Marketing incentives, particularly in e-commerce and finance • Financial incentives, such as insurance premium reductions • Corporate “due diligence” concerns All of these examples represent growth opportunities and challenges to all . . .
--3000,3,500,3218,41988