MétaCan
Menu
Back to cohort
Record W246495123

Getting "Front and Center" on Security Policies: Leading Institutions Have Dusted Them off, Put Them Online, and Made Them the Blueprint of a New "Resiliency" Vision

2005· article· en· W246495123 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

aboutThe title or abstract carries a Canadian signal from the geographic lexicon.
no affNo Canadian affiliation: this work is invisible to an affiliation-only frame.
No Canadian affiliation. An affiliation-only frame, the usual design, would never have seen this work. It is one of the works that make the case for inverting the frame.

Bibliographic record

VenueABA banking journal · 2005
Typearticle
Languageen
FieldComputer Science
TopicInformation and Cyber Security
Canadian institutionsnot available
Fundersnot available
KeywordsBlueprintVendorBusinessComputer securityPublic relationsPolitical scienceEngineeringMarketingComputer science
DOInot available

Abstract

fetched live from OpenAlex

Any security expert worth his hefty price tag will you: the only truly protected bank is one adopting a layered approach. This means that all the operational elements of infrastructure-including network, web applications, databases, and servers-receive equal attention in lockdown and maintenance. Before an organization can get that far, though, it needs a security policy to clarify its thinking and set the budget and agenda. It's a simple idea but one that has not always been successfully adopted in the past. Happily all that seems to be changing. Rob Miller, vice-president of marketing with M-Tech, an infrastructure change management vendor based in Calgary, Alberta, Canada, says that relatively recent developments (including this year's acts of nature, memories of semi-recent power outages or fading but still legendary acts of cyber hooligans) have only heightened the concern over the security issues which had become of great import in 2001. One positive ripple effect of almost biblical woes faced by the nation and elsewhere: Security policy is now front-and-center, either getting revised among best practitioners or adopted in finally useful ways among the rest. But it's not really over til the fat client sings, so to speak. Because banks are more distributed (and exposed), the once uncomplicated act of policy development is both harder to do (as a testable exercise) and more necessary given how complicated today's business environment actually is. Everybody has one, right? Policy's official story has always been this: the industry's heavily regulated nature has long made security policies existent and extant. (That is to say, everybody had good security policy because the regulators insisted on it.) Yet off the record comments still indicate that dusty paper on a shelf syndrome is still the norm, several years after the disturbing events of 9/11 might have dictated otherwise. Among the show and tell crowd, paper-based policy keeps them compliant, but doesn't let them achieve higher proficiencies. The dates on the material will change and so will some of the content, says Rob Dyson, associate partner of Accenture's security practice, Dallas. [Preparedness] really runs the gamut out there, says Dyson. top 50 institutions, he explains, the budgets, extensive staff, and huge base of supporting vendors are all guided by an industrial strength policy that is distributed on the intranet. Others in the vast middle market, struggle to give a less than ideal policy more than nominal play. Another source agreed that good policy still appeared in an uneven distribution in the financial services industry. Sometimes we see things that are pretty shocking, he said. What policy can do M-Tech customer Charlie Dixon, vice-president technology, with $6 billion assets Riggs Bank, Washington, D.C., says his bank, for one, has stepped up many facets of its policy since 2001, prior to the bank's much publicized Bank Secrecy Act troubles. has also made numerous tech purchases, including use of an incident tracking system and adoption of M-Tech's password management technology--decisions partially guided by needs that policy revealed. We take policy seriously here, Dixon explained. It is relevant, it is regularly updated, and it is referred to during application development, for Policy makes a difference in matters large and small. At Riggs, we just don't harden our servers, Dixon explains, referring to the process of placing a dedicated security device at the service and application layer. We secure the desktops so that instant messaging, say, or non-authorized use of e-mail doesn't put the organization at risk for information leaks. As Dixon alluded to in his comments above, a good security policy serves as one mechanism, along with the policies and practices of human resources, to control how business users behave when they use their laptops, desktops, and Blackberries, for instance. …

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.001
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesnone
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Other design · Consensus signal: none
GenreCandidate signal: Empirical · Consensus signal: Empirical
Teacher disagreement score0.508
Threshold uncertainty score0.519

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0010.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.000
Science and technology studies0.0010.000
Scholarly communication0.0000.001
Open science0.0010.000
Research integrity0.0000.001
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.034
GPT teacher head0.287
Teacher spread0.252 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it