IT Security Project Management Handbook

Network security is no longer just a technical issue; it is a business issue. It is no longer a problem for the IT department alone to handle; it is an organizational problem. In the past, IT security was viewed as an expense, but slowly, companies are beginning to see it as an investment. It has evolved from an ad hoc activity to one that is planned using proven methodologies. Perhaps the most important shift occurring is that organizations are beginning to move from a reactive, incident-response mentality toward organizational resiliency (thanks to the folks at CERT/CC for that phrase). Companies are facing the stark reality that security is no longer just something a few geeky guys do in the dark recesses of the IT department. Corporate executives understand that while network services have moved toward being utility services, security has moved toward being a specialized capability that involves the entire organization.
Operational security is sometimes overlooked or put together in a patchwork fashion. That is unfortunate, because all the hard work that went into your IT security projects is largely wasted if you do not develop ongoing operations that support or enhance security. This is accomplished through your operational security plan. In this chapter, we are going to look at five distinct areas that support security: incident response; corporate and IT policies related to security; disaster recovery (whether from a hurricane or a network intrusion); regulatory issues; and configuration management. These are not the most exciting topics to techies, which is probably why...