Strategic Information Security by John Wylder - Bookswagon
close menu
Bookswagon
search
My Account
Home > Computing and Information Technology Books > Computer security books > Data encryption > Strategic Information Security
Strategic Information Security

Strategic Information Security


     0     
5
4
3
2
1



Out of Stock


Notify me when this book is in stock
X
About the Book

The new emphasis on physical security resulting from the terrorist threat has forced many information security professionals to struggle to maintain their organization's focus on protecting information assets. In order to command attention, they need to emphasize the broader role of information security in the strategy of their companies. Until now, however, most books about strategy and planning have focused on the production side of the business, rather than operations.

Strategic Information Security integrates the importance of sound security policy with the strategic goals of an organization. It provides IT professionals and management with insight into the issues surrounding the goals of protecting valuable information assets. This text reiterates that an effective information security program relies on more than policies or hardware and software, instead it hinges on having a mindset that security is a core part of the business and not just an afterthought.

Armed with the content contained in this book, security specialists can redirect the discussion of security towards the terms and concepts that management understands. This increases the likelihood of obtaining the funding and managerial support that is needed to build and maintain airtight security programs.

Table of Contents:
Introduction to Strategic Information Security
What Does It Mean to Be Strategic?
Information Security Defined
The Security Professional's View of Information Security
The Business View of Information Security
Changes Affecting Business and Risk Management
Strategic Security
Strategic Security or Security Strategy?
Monitoring and Measurement
Moving Forward

ORGANIZATIONAL ISSUES
The Life Cycles of Security Managers
Introduction
The Information Security Manager's Responsibilities
The Evolution of Data Security to Information Security
The Repository Concept
Changing Job Requirements
Business Life Cycles and the Evolution of an Information
Security Program
The Introductory Phase
The Early Growth Phase
The Rapid Growth Phase
The Maturity Phase
Skill Changes over Time
Conclusion

Chief Security Officer or Chief Information Security Officer
Introduction
Organizational Issues
Justifying the Importance and Role of Security in Business
Risk Management Issues Affecting Organizational Models
Chief Information Security Officer (CISO) Role Defined
The Chief Security Officer (CSO) Role Defined
Organizational Models and Issues
Organization Structure and Reporting Models
Choosing the Right Organization Model

RISK MANAGEMENT TOPICS
Information Security and Risk Management
Introduction
The Information Technology View of Threats, Vulnerabilities,
and Risks
Business View of Threats, Vulnerabilities, and Risks
The Economists' Approach to Understanding Risk
Total Risk
Technology Risk
Information Risk
Information Risk Formula
Protection Mechanisms and Risk Reduction
Matching Protection Mechanisms to Risks
The Risk Protection Matrix
Conclusion

Establishing Information Ownership
Establishing Information Ownership
Centralized Information Security
Local Administrators vs. Information Owners
Transferring Ownership
Operations Orientation of Information Ownership
Information Ownership in Larger Organizations
Information as an Asset
Decentralized vs. Centralized Information Security Controls
Ownership and Information Flow
Information Ownership Hierarchy
Functional Owners of Information
Income Statement Information Owners
Information Value
Statement of Condition Information Owners
Conclusion

The Network as the Enterprise Database
Introduction
A Historical View of Data and Data Management
Management Information Systems (MIS)
Executive Information Systems (EIS)
The Evolving Network
The Network as the Database
Conclusion

Risk Reduction Strategies
Introduction
Information Technology Risks
Evaluating the Alternatives

Improving Security from the Bottom Up: Moving Toward
a New Way of Enforcing Security Policy
Encouraging Personal Accountability for Corporate Information
Security Policy
Background
The Problem
The Role of the Chief Information Security Officer (CISO) in
Improving Security
Centralized Management vs. Decentralized Management
Security Policy and Enforcement Alternatives
Policy Compliance and the Human Resources Department
Personal Accountability
Conclusion

Authentication Models and Strategies
Introduction to Authentication
Authentication Defined
Authentication Choices
Public Key Infrastructure
Administration and Authentication: Management Issues
Identity Theft
Risks and Threats Associated with Authentication Schemes
Other Strategic Issues Regarding Authentication Systems
Conclusion

INFORMATION SECURITY PRINCIPLES AND
PRACTICES
Single Sign-On Security
Overview
The Authentication Dilemma
The Many Definitions of Single Sign-On
Risks Associated with Single Sign-On
Single Sign-On Alternative: A More In-Depth Review
User Provisioning
Authentication and Single Sign-On

Crisis Management: A Strategic Viewpoint
Introduction
Crisis Defined
Benefits from a Formal Crisis Management Process
Escalation and Notification
Organizational Issues and Structures for Dealing with Crisis
Management
Strategies for Managing through a Crisis
Creating a Formalized Response for Crisis Management
Conclusion

Business Continuity Planning
Introduction
Types of Outages and Disasters Outages
Planning for a Disaster
Roles and Responsibilities
Plan Alternatives and Decision Criteria
Risk Mitigation vs. Risk Elimination
Preparation: Writing the Plan
Testing and Auditing the Plan
Issues for Executive Management
Conclusion

Security Monitoring: Advanced Security Management
Introduction.
Monitoring vs. Auditing
Activity Monitoring and Audit Trails
How Security Information Management Systems Work
Other Security Information Monitoring Sources
Privacy and Security Monitoring
Reactions to Security Monitoring Information
Problems with Security Monitoring
Senior Management Issues and Security Monitoring

Auditing and Testing a Strategic Control Process
Introduction: The Role of Auditing and Testing
Auditing and Security Management
Security Audits
Information Protection
Audit Logs and Audit Trails
Security Testing and Analysis
Application Controls and Strategic Security Goals
Reporting of Security Problems and the Role of the Auditor
Auditing, Testing, and Strategic Security

Outsourcing Security: Strategic Management Issues
Information Security Operations and Security Management
Management Issues Regarding the Outsourcing Decision
Outsourced Security Alternatives
Return on Investment (ROI) with Outsourced Services
Contract Issues for Security Outsourcing
Integration of Outsourcing with Internal Operational
Functions
Risks Associated with Outsourcing Security Functions
Business Continuity Planning and Security Outsourcing
Strategic Management Issues with Outsourced Security

Final Thoughts on Strategic Security
Executive Management and Security Management
The Future of Information Security and the Challenges Ahead

Appendix Helpful Internet Resources


Best Sellers


Product Details
  • ISBN-13: 9781135491703
  • Publisher: Taylor & Francis Ltd
  • Publisher Imprint: Auerbach
  • Language: English
  • No of Pages: 240
  • ISBN-10: 1135491704
  • Publisher Date: 24 Nov 2003
  • Binding: Digital (delivered electronically)
  • No of Pages: 240


Similar Products

Add Photo
Add Photo

Customer Reviews

REVIEWS      0     
Click Here To Be The First to Review this Product
Strategic Information Security
Taylor & Francis Ltd -
Strategic Information Security
Writing guidlines
We want to publish your review, so please:
  • keep your review on the product. Review's that defame author's character will be rejected.
  • Keep your review focused on the product.
  • Avoid writing about customer service. contact us instead if you have issue requiring immediate attention.
  • Refrain from mentioning competitors or the specific price you paid for the product.
  • Do not include any personally identifiable information, such as full names.

Strategic Information Security

Required fields are marked with *

Review Title*
Review
    Add Photo Add up to 6 photos
    Would you recommend this product to a friend?
    Tag this Book Read more
    Does your review contain spoilers?
    What type of reader best describes you?
    I agree to the terms & conditions
    You may receive emails regarding this submission. Any emails will include the ability to opt-out of future communications.

    CUSTOMER RATINGS AND REVIEWS AND QUESTIONS AND ANSWERS TERMS OF USE

    These Terms of Use govern your conduct associated with the Customer Ratings and Reviews and/or Questions and Answers service offered by Bookswagon (the "CRR Service").


    By submitting any content to Bookswagon, you guarantee that:
    • You are the sole author and owner of the intellectual property rights in the content;
    • All "moral rights" that you may have in such content have been voluntarily waived by you;
    • All content that you post is accurate;
    • You are at least 13 years old;
    • Use of the content you supply does not violate these Terms of Use and will not cause injury to any person or entity.
    You further agree that you may not submit any content:
    • That is known by you to be false, inaccurate or misleading;
    • That infringes any third party's copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;
    • That violates any law, statute, ordinance or regulation (including, but not limited to, those governing, consumer protection, unfair competition, anti-discrimination or false advertising);
    • That is, or may reasonably be considered to be, defamatory, libelous, hateful, racially or religiously biased or offensive, unlawfully threatening or unlawfully harassing to any individual, partnership or corporation;
    • For which you were compensated or granted any consideration by any unapproved third party;
    • That includes any information that references other websites, addresses, email addresses, contact information or phone numbers;
    • That contains any computer viruses, worms or other potentially damaging computer programs or files.
    You agree to indemnify and hold Bookswagon (and its officers, directors, agents, subsidiaries, joint ventures, employees and third-party service providers, including but not limited to Bazaarvoice, Inc.), harmless from all claims, demands, and damages (actual and consequential) of every kind and nature, known and unknown including reasonable attorneys' fees, arising out of a breach of your representations and warranties set forth above, or your violation of any law or the rights of a third party.


    For any content that you submit, you grant Bookswagon a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell, transfer, and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. Additionally,  Bookswagon may transfer or share any personal information that you submit with its third-party service providers, including but not limited to Bazaarvoice, Inc. in accordance with  Privacy Policy


    All content that you submit may be used at Bookswagon's sole discretion. Bookswagon reserves the right to change, condense, withhold publication, remove or delete any content on Bookswagon's website that Bookswagon deems, in its sole discretion, to violate the content guidelines or any other provision of these Terms of Use.  Bookswagon does not guarantee that you will have any recourse through Bookswagon to edit or delete any content you have submitted. Ratings and written comments are generally posted within two to four business days. However, Bookswagon reserves the right to remove or to refuse to post any submission to the extent authorized by law. You acknowledge that you, not Bookswagon, are responsible for the contents of your submission. None of the content that you submit shall be subject to any obligation of confidence on the part of Bookswagon, its agents, subsidiaries, affiliates, partners or third party service providers (including but not limited to Bazaarvoice, Inc.)and their respective directors, officers and employees.

    Accept

    Fresh on the Shelf


    Inspired by your browsing history


    Your review has been submitted!

    You've already reviewed this product!
    Your IP: 216.73.216.78 IN