Proactive Network Security

Introduction
The world of computing harbors a culture of poor and inferior security practices. Along with a tendency for companies to be Reactive rather than Proactive as it relates to Information Security lends itself to the national rise in attacks on networks. Businesses large and small have a fiscal and fiduciary responsibility to securely protect company and customer information assets.
Information security at the behest of the technology boom plays a large role in our everyday lives. The size of the role information security plays ultimately depends on which avenue used. No matter the scenario, grocery shopping or defense contracting for the Federal Government, information security, implemented correctly, protects all parties involved. Information security by simplistic definition is controlled sharing of data.
A standardized approach to security with policy templates has the potential of enhancing network security of personal and financial information. A standard approach to analyzing risk faced by networks safeguarding the network data and applying

Networks at Risk
In our world security is a main concern, and network security is no less important. The mere fact that networks store data makes them vulnerable. Network vulnerability creates its own threats.
Peter Stephenson heralds this point in a recent writing by saying “for a vulnerability to be exploited there needs to be a threat”. Network threats are typically downplayed and deemed low-risk until the earthquake happens. Once a detected breach is identified organizations bolt into action to minimize the damage that, by all intent and purpose, could have been avoided. A security report of lynchpin sectors of our economy found the majority to have vulnerabilities. (“IT Industry Needs, “2006)

Data Safeguarding

Network security is neither foreign nor something to talk about in past tense. Data security and safeguarding are dynamic events. Data protection involves analyzing the way you do things and identifying your exposures (Conway). Static procedures will yield little to no tangible results resulting in reactive policy by default.
Data protection has evolved into a market of its own. The fifty to seventy five percent growth of the Data Leakage Protection market proves it (Hook, 2009). This statistic shows a step in the right direction; however this sector has no desire to educate. Security education, especially in being proactive, will put the sector’s growth and profits in a downward dive.

Reduced Risk

Businesses of all sizes are constantly exposed the threats (Conway, 2005). To minimize risks first you must identify the holes then systematically repair them and more importantly repeat the cycle. This begins the basic framework of risk management.
Risk management requires risks be identified and managed (Stephenson, 2012). To properly identify risk a system must be followed. Any good risk management system will identify quantify, assess and improve the system. Once this cycle is started the risk will shrink with each subsequent cycle, albeit never totally disappear. Although each cycle repeat will see an increase in manageability. The epoch of risk assessment is reducing the inherent risk to a manageable size.
Conclusion

Assessing network risk, safeguarding data, and reducing data risk are the goals, framework to follow. Success is generally guaranteed with systematic near scientific approach. The only way results can be quantified is if a repeatable process is performed. These processes, call it framework, will quantify and identify risks. This continued feedback and improvement can be mapped in a five step process; Define, Measure, Analyze, Improve, and Control. This process has been Coined the DMAIC method. DMAIC is a method or tool put in place for continuous improvement (Martin, 2010). The framework assesses the risk establishing a baseline used to measure improvement. Analysis of cause of risk, and