Security Risk Management: Building an Information Security Risk Management Program from the Ground Up

Description

The goal of Security Risk Management is to teach you practical techniques that will be used on a daily basis, while also explaining the fundamentals so you understand the rationale behind these practices. Security professionals often fall into the trap of telling the business that they need to fix something, but they can't explain why. This book will help you to break free from the so-called "best practices" argument by articulating risk exposures in business terms. You will learn techniques for how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive guide for managing security risks. Named a 2011 Best Governance and ISMS Book by InfoSec Reviews Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk Presents a roadmap for designing and implementing a security risk management program

Get the book

Amazon.com

Search the book

eBay.com

Search the book

Other editions

• 

  Security Risk Management: Building an Information Security Risk Management Program...

  • 2011-04-20
  • 360 pages
  • Ebook
  • Elsevier

Similar books

• 

  Security Risk Management Body of Knowledge

  By Julian Talbot, Miles Jakeman

  This is an indispensable resource for risk and security professional, students, executive management, and line managers with security responsibilities.

• 

  A Practical Introduction to Security and Risk Management

  By Bruce Newsome

  Taking technical risks: How innovators, executives, and investors manage high-tech risks. Cambridge, MA: MIT Press. ... Concepts and case studies in threat management, Boca Raton, FL: CRC Press. Canada Department of National Defense.

• 

  Metrics and Methods for Security Risk Management

  By Carl Young

  Security professionals, as well as scientists and engineers who are working on technical issues related to security problems will find this book relevant and useful.

• 

  Enterprise Security Risk Management: Concepts and Applications

  By Brian Allen, Esq., CFE

  The controlled experiment, with the Wired reporter, Andy Greenberg, voluntarily at the wheel of the car, ended when the hackers remotely killed the engine and steered the car off the road. It was a shocking article to many who had never ...

• 

  Risk Management for Computer Security: Protecting Your Network and Information Assets

  By Andy Jones, Debi Ashenden

  The challenges are many and this book will help professionals in meeting their challenges as we progress through the twenty-first century. This book is organized into five sections.

• 

  Security Risk Assessment and Management: A Professional Practice Guide for Protecting Buildings and Infrastructures

  By Betty E. Biringer, Rudolph V. Matalucci, Sharon L. O'Connor

  ... to Predict Structural Response to Blast, SAND2000-1017, Sandia National Laboratories, Albuquerque, NM, May 2000. 3. Garcia, Mary Lynn, Design and Evaluation of Physical Protection Systems, Butterworth-Heinemann, Burlington, MA, ...

• 

  Risk and Security Management: Protecting People and Sites Worldwide

  By Michael Blyth

  I strongly recommend this book to all security practitioners and consultants as an excellent repository of risk and security management know-how." —Tom Mulhall, Director of Security Programmes, Loughborough University

• 

  IT Security Risk Control Management: An Audit Preparation Plan

  By Raymond Pompon

  What You Will Learn: Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats Prepare for and pass such common audits as PCI ...

• 

  IT Security Risk Control Management: An Audit Preparation Plan

  By Raymond Pompon

  What You Will Learn: Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats Prepare for and pass such common audits as PCI ...

• 

  Information Security and IT Risk Management

  By Manish Agrawal, Alex Campoe, Eric Pierce

  This new text provides students the knowledge and skills they will need to compete for and succeed in the information security roles they will encounter straight out of college.