Information security for non-technical managers

4.9 (22 reviews)
ISBN: 978-87-403-0488-6
1 edition
Pages : 75
  • Price: 75.50 kr
  • Price: €8.99
  • Price: £8.99
  • Price: ₹150
  • Price: $8.99

About the book

Reviews

Andile Stulo ★★★★★

A very good read and information bank for all kinds of managers, regardless of whether you have a technical background or not. This is any manager's requirement to be successful.

Ronald J. Harrod ★★★★★

Comprehensive in content since it has included vital concepts to further discuss the main topic.

Stefano Baldi ★★★★★

Great book to be more aware of a critical issue which is too often not properly considered by professionals.

Description

This book presents a non-technical overview of the main elements of managing information security, where everyone, not just technical people, has a role to play.

Modern economies are highly dependent on information systems and networks connected to “cyberspace”, a virtual world with a population of several billion and growing.

Cyberspace is inherently insecure. Achieving acceptable information security requires building awareness of what it takes to achieve it, mitigating vulnerabilities in people, processes and technologies, and constant adaptation to a rapidly changing environment.

Content

About the author

Introduction

  1. Information security in context
    1. A short history of information technologies and their side effects
    2. Why information security is increasingly important
    3. Ubiquity and irreversible dependencies
  2. Lessons identified in the last ten years
    1. The semantics of information security
    2. The major target areas in information insecurity
    3. What needs to be done to strengthen security is well known but not done well enough
    4. Certifications
    5. Asymmetries and consequences
    6. Maintaining security is everybody’s job
  3. Defining information security
    1. What is meant by “Information Security”
    2. Differences between Enterprise security, Information security and Information Technology security
  4. Managing information security in the enterprise
    1. Information Security Governance
    2. The components of information security governance
    3. Managing for security
    4. What makes a good Chief Information Security Officer (CISO)
    5. Your role as a manager
  5. The four domains of vulnerabilities
    1. Governance vulnerabilities
    2. People vulnerabilities
    3. Process vulnerabilities
    4. Technology vulnerabilities
  6. Other drivers of information insecurity
    1. Causes for concern
    2. External factors: the constantly changing landscape
    3. Information security should not inhibit innovative thinking
  7. Measuring security
    1. Measuring Information Security
    2. Reporting information security metrics
  8. Other information security topics
    1. Business Impact Analysis (BIA)
    2. Information Risk Management
    3. Planning for survival
    4. The legislative landscape
  9. Conclusions
  10. References
    1. Downloadable free of charge:
    2. Material requiring purchase
    3. Topics not covered in this book
  11. Appendix: Acknowledgements
  12. Endnotes

About the Author

With nearly 50 years' experience in the private and public sectors in several countries, Ed has been active in information security through publications, international conferences, workshops and also as an auditor.

After many years as a senior Information Technology manager in the pre-privatised British Rail, he joined the United Nations as Director of the International Computing Centre, a service organization providing services to many international organisations. Following his retirement, he was invited to join the audit teams of the United Nations Board of External Auditors and those of the French National Audit Office (Cour des Comptes), activities he continued for several years.

He is currently a Senior Fellow of the Diplo Foundation, an entity that provides online training to diplomats around the world. He is also a faculty member of Webster University, Geneva, Switzerland and a guest speaker at the Geneva Centre for Security Policy. He remains a contributor to security conferences in Europe, the Arabian Gulf and Africa.

His publications include several books and articles in peer-reviewed journals. Amongst them:

“Quantifying Information Risk and Security”, ISACA Journal, July 2013

“Demonstrating Due Diligence in the management of Information Security”, ISACA Journal, January 2013

“Strengthening Information Security Governance”, ISACA Journal, November 2012

“Planning an I.T. Audit for a Critical Information Infrastructure”, Chapter 11 of the book “Securing Critical Infrastructures and Critical Control Systems – approaches for Threat Protection”, edited by Christopher Laing et al., IGI Global, November 2012

“Law and Technology – Cyberwar, Cyberterrorism and Digital Immobilization”, co-authored and co-edited with Professor Pauline Reich, IGI Global, November 2012

“Data Integrity, the poor relation of Information Security”, ISACA Journal, November 2011

“Crossing the Executive Digital Divide”, Diplo Foundation, Geneva, 2006

“The Information Society Library”, a collection of 9 booklets (3 of them on security), Diplo Foundation, Geneva, 2003 (in support of the first World Summit of the Information Society)

“Information Insecurity”, United Nations Secretary General’s Information and Communications Task Force, September 2002

Ed can be contacted at gelbstein@diplomacy.edu
