Managing Risk and Information Security

Protect to Enable

by Malcolm Harkins


Book Description

Examine the evolving enterprise security landscape and discover how to manage and survive risk. While based primarily on the author's experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies and provides guidance for a management-level audience.

Managing Risk and Information Security provides thought leadership in the increasingly important area of enterprise information risk and security. It describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology, not only for internal operations but increasingly as a part of product or service creation, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk.

This edition discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities and offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies - such as social media and the huge proliferation of Internet-enabled devices - while minimizing risk.

What You'll Learn: Review how people perceive risk and the effects it has on information security; See why different perceptions of risk within an organization matter; Understand and reconcile these differing risk views; Gain insights into how to safely enable the use of new technologies.

This open book is licensed under a Creative Commons License (CC BY). You can download the Managing Risk and Information Security ebook for free in PDF format (11.5 MB).

Table of Contents

Chapter 1: Introduction
Chapter 2: The Misperception of Risk
Chapter 3: Governance and Internal Partnerships: How to Sense, Interpret, and Act on Risk
Chapter 4: External Partnerships: The Power of Sharing Information
Chapter 5: People Are the Perimeter
Chapter 6: Emerging Threats and Vulnerabilities: Reality and Rhetoric
Chapter 7: A New Security Architecture to Improve Business Agility
Chapter 8: Looking to the Future: Emerging Security Capabilities
Chapter 9: Corporate Social Responsibility: The Ethics of Managing Information Risk
Chapter 10: The 21st Century CISO
Chapter 11: Performance Coaching
Appendix A: References

Book Details

Subject: Computer Science
Publisher: Apress
Published: 2016
Pages: 186
Edition: 2
Language: English
ISBN13: 9781484214565
ISBN10: 1484214560
ISBN13 Digital: 9781484214558
ISBN10 Digital: 1484214552
PDF Size: 11.5 MB
License: CC BY
