Building a Practical Information Security Program
Demonstrates how to resolve immediate tactical needs, transform security needs into strategic goals, and put programs into operation with full lifecycle management
Jason Andress (Author), Mark Leary (Author)
9780128020425, Elsevier Science
Paperback, published 21 October 2016
202 pages
23.5 x 19 x 1.4 cm, 0.56 kg
Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter helps aspiring security engineers forge a career path toward successfully managing a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to "go big or go home," explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results.
Why We Need Security Programs
Develop a Security Strategy
Integrate Security into the Organization
Establish a Security Organization
Develop a Security Policy
Manage the Risks
Protect the Data
Manage the Security of Third Parties and Vendors
Conduct Security Awareness and Training
Develop Metrics to Measure Program Effectiveness
Subject Areas: Data encryption [URY], Privacy & data protection [URD], Computer security [UR]