Building a Practical Information Security Program

ISBN-10: 0128020881
ISBN-13: 9780128020883
Category: Computers
Pages: 202
Language: English
Published: 2016-11-01
Publisher: Syngress
Authors: Jason Andress, Mark Leary

Description

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to "go big or go home," explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results. Provides a roadmap on how to build a security program that will protect companies from intrusion Shows how to focus the security program on its essential mission and move past FUD (fear, uncertainty, and doubt) to provide business value Teaches how to build consensus with an effective business-focused program

Get the book

Similar books

Building an Effective Cybersecurity Program
By Tari Schreider
If you are a manager already involved in your organization’s cybersecurity program, you have much to gain from reading this book. This book will become your go to field manual guiding or affirming your program decisions.
Creating an Information Security Program from Scratch
By Walter Williams
This book is written for the first security hire in an organization, either an individual moving into this role from within the organization or hired into the role.
Building an Information Security Awareness Program: Defending Against Social Engineering and Technical Threats
By Valerie Thomas, Bill Gardner
The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework.
Practical Information Security Management: A Complete Guide to Planning and Implementation
By Tony Campbell
Barriers, Walls, and Fences There are a variety of barriers you can use in perimeter design, depending, of course, what kind of facility you own or occupy. The key function of a barrier is to prevent unauthorized access and delineate ...
Building an Effective Cybersecurity Program, 2nd Edition
By Tari Schreider
If you are a manager already involved in your organization’s cybersecurity program, you have much to gain from reading this book. This book will become your go to field manual guiding or affirming your program decisions.
Security Risk Management: Building an Information Security Risk Management Program from the Ground Up
By Evan Wheeler
Security Risk Management is the definitive guide for building or running an information security risk management program.
Building an Effective Information Security Policy Architecture
By Sandy Bacik
Through the use of questionnaires, interviews, and assessments, this volume demonstrates how to evaluate an organization's culture and its ability to meet various security standards and requirements.
The Cybersecurity Manager's Guide
By Todd Barnum
Author and longtime infosec leader Todd Barnum upends the assumptions security professionals take for granted.
Cyber Security Engineering: A Practical Approach for Systems and Software Assurance
By Nancy R. Mead, Carol Woody
This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations.
Computers at Risk: Safe Computing in the Information Age
By Mathematics, National Research Council, Division on Engineering and Physical Sciences
The book explores the diversity of the field, the need to engineer countermeasures based on speculation of what experts think computer attackers may do next, why the technology community has failed to respond to the need for enhanced ...