Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

RE: Sizing the Information Security Department
From: Rob Creely <programmingart () gmail com>
Date: Sat, 6 Sep 2008 00:09:11 -0400
Hi.

I know an organization with 48000 employees with an Infosec Dept. of 18 employees.  4 of them mgmt.  Being that large 
gives them a budget for a lot of automated toys however. They also utilize a MSSP.

An external audit came back that the size of the InfoSec Dept was right.  Whatever that is worth.   

-----Original Message-----
From: k7.fantr () gmail com
Sent: Thursday, September 04, 2008 6:22 PM
To: security-basics () securityfocus com
Subject: Sizing the Information Security Department

Hello all.

I am preparing a business case for increasing the size of the Information Security department at the company where I 
work. This is a smaller company with about 700 employees. Right now, I am the security department. :) - I am asking to 
hire 3 security professionals to augment my load and to allow me to focus on more of the strategic needs and higher 
level analysis.

My question is this: Do any of you know of any published recommendations regarding the size of a security department 
based on company size? Any guidance in this regard is appreciated.

Thanks in advance!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]