Managing Risk and Information Security: Protect to Enable, an ApressOpen title, describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies - such as social media and the huge proliferation of Internet-enabled devices - while minimizing risk.
This open book is licensed under a Creative Commons License (CC BY-NC). You can download Managing Risk and Information Security ebook for free in PDF format (3.2 MB).
Table of Contents
The Misperception of Risk
Governance and Internal Partnerships
People Are the Perimeter
Emerging Threats and Vulnerabilities
A New Security Architecture to Improve Business Agility
Looking to the Future
The 21st Century CISO
Managing Risk and Information Security
Examine the evolving enterprise security landscape and discover how to manage and survive risk. While based primarily on the author's experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies and provides guidance for a management-level audience.
Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth.
The IoT presents unique challenges in implementing security and Inte...
The InfoSec Handbook offers the reader an organized layout of information that is easily read and understood. Allowing beginners to enter the field and understand the key concepts and ideas, while still keeping the experienced readers updated on topics and concepts.
It is intended mainly for beginners to the field of information security, writte...
This definitive text/reference on computer network and information security presents a comprehensive guide to the repertoire of security tools, algorithms and best practices mandated by the rapidly evolving ubiquitous technology we are increasingly dependent on. Fully revised and updated, this timely new edition encompasses the latest developments ...
Ability to use information and communication technologies (ICT) is an imperative for effective participation in today's digital age. Schools worldwide are responding to the need to provide young people with that ability. But how effective are they in this regard? The IEA International Computer and Information Literacy Study (ICILS) responded t...
This free book presents the assessment framework for IEA's International Computer an Information Literacy Study (ICILS) 2018, which is designed to assess how well students are prepared for study, work and life in a digital world. The study measures international differences in students' computer and information literacy (CIL): their abili...