Information security for non-technical managers

kirjoittanut Dr Eduardo Gelbstein
:
( 26 )
75 pages
Kieli:
 English
This book presents a non-technical overview of the main elements of managing information security, where everyone, not just technical people, has a role to play.
Tämä on liiketoiminta-ekirja
Ilmainen 30 päivän kokeilujakso
Yritystilaus ilmainen ensimmäisen 30 päivän ajan, ja sen jälkeen $5.99/kk.
 
Osta eKirja:
Kirja ei sisällä mainoksia
Viimeisin lisäys
Kirjailijasta

With nearly 50 years experience in the private and public sectors in several countries, Ed has been active in information security through publications, international conferences, workshops and also as an auditor.

After many years as a senior Information Technology manager in the pre-privat...

Description
Content
Reviews

This book presents a non-technical overview of the main elements of managing information security, where everyone, not just technical people, has a role to play.

Modern economies are highly dependent on information systems and networks connected to “cyberspace” a virtual world with a population of several billion and growing.

Cyberspace is inherently insecure. Achieving acceptable information security requires building awareness of what it takes to achieve it, mitigating vulnerabilities in people, processes and technologies and constant adaptation to a rapidly changing environment.

About the author

Introduction

  1. Information security in context
    1. A short history of information technologies and their side effects
    2. Why information security is increasingly important
    3. Ubiquity and irreversible dependencies
  2. Lessons identified in the last ten years
    1. The semantics of information security
    2. The major target areas in information insecurity
    3. What needs to be done to strengthen security is well known but not done well enough
    4. Certifications
    5. Asymmetries and consequences
    6. Maintaining security is everybody’s job
  3. Defining information security
    1. What is meant by “Information Security”
    2. Differences between Enterprise security, Information security and Information Technology security
  4. Managing information security in the enterprise
    1. Information Security Governance
    2. The components of information security governance
    3. Managing for security
    4. What makes a good Chief Information Security Officer (CISO)
    5. Your role as a manager
  5. The four domains of vulnerabilities
    1. Governance vulnerabilities
    2. People vulnerabilities
    3. Process vulnerabilities
    4. Technology vulnerabilities
  6. Other drivers of information insecurity
    1. Causes for concern
    2. External factors: the constantly changing landscape
    3. Information security should not inhibit innovative thinking
  7. Measuring security
    1. Measuring Information Security
    2. Reporting information security metrics
  8. Other information security topics
    1. Business Impact Analysis (BIA)
    2. Information Risk Management
    3. Planning for survival
    4. The legislative landscape
  9. Conclusions
  10. References
    1. Downloadable free of charge:
    2. Material requiring purchase
    3. Topics not covered in this book
  11. Appendix: Acknowledgements
  12. Endnotes
A very good read and information bank for all kinds of managers regardless of whether you have technical background or not. This is any manager's requirement to be successful.
16. maaliskuuta 2016 klo 8.27
Comprehensive in content since it has included vital concepts to further discuss the main topic.
6. elokuuta 2013 klo 7.46
Great book to be more aware on a critical issue which is too often not properly considered by professionals.
23. heinäkuuta 2013 klo 7.47
More reviews