Download A Practical Guide to Managing Information Security by Steve Purser PDF

By Steve Purser

This groundbreaking book helps you master the management of information security, concentrating on the proactive recognition and resolution of the practical issues of developing and implementing IT security for the enterprise. Drawing upon the authors' wealth of valuable experience in high-risk commercial environments, the work focuses on the need to align the information security process as a whole with the requirements of the modern enterprise, which involves empowering business managers to manage information security-related risk. Throughout, the book places emphasis on the use of simple, pragmatic risk management as a tool for decision-making. The first book to cover the strategic issues of IT security, it helps you to: understand the difference between more theoretical treatments of information security and operational reality; learn how information security risk can be measured and subsequently managed; define and execute an information security strategy; design and implement a security architecture; and ensure that limited resources are used optimally.


Similar comptia books

Inside the Security Mind: Making the Tough Decisions

This book shows how to break security decisions into a set of simple rules and uses practical examples to illustrate how the rules work in practice. There is advice on designing an enterprise security plan, ongoing security measures, choosing between open source and proprietary solutions, and issues specific to wired, wireless, and virtual private networks.

Security in Wireless Ad Hoc and Sensor Networks

This book provides an in-depth guide to security in wireless ad hoc and sensor networks. Security in Wireless Ad Hoc and Sensor Networks introduces the reader to the fundamentals and key issues related to wireless ad hoc networking, with an emphasis on security. It discusses the security attacks and countermeasures in wireless ad hoc, sensor and mesh networks, and briefly presents the standards on related topics.

Application Security in the ISO27001 Environment

Application security is a major issue for CIOs. Application Security in the ISO27001 Environment demonstrates how to secure software applications using ISO/IEC 27001. It does this in the context of a wider roll out of an information security management system (ISMS) that conforms to ISO/IEC 27001. Together, the authors offer a wealth of expertise in ISO27001 information security, risk management and software application development.

Additional resources for A Practical Guide to Managing Information Security

Sample text

The problem associated with interfaces is particularly important, as we can expect to experience problems where two different security subsystems, based on different design principles, are expected to work together smoothly. In this particular case, an already complex problem is often rendered more complex by communications issues. More often than not, such analyses involve experts from different backgrounds, using platform-specific concepts and nomenclature. It is easy to understand how errors creep into the process under such conditions.

More and more, we are required to exchange information with people we do not know, have never met, and may never meet. In order to do electronic business in today’s world, we require authentication models that can solve these problems while making no assumptions about the security offered by the underlying network. In other words, we require authentication models that work over networks assumed to be hostile. In this new environment, the very people we wish to do business with may be situated at vast distances, making any kind of face-to-face contact impossible.

◗ No attempt has been made to interpret policy requirements by producing lower level documents, such as security standards.
◗ Responsibilities are poorly defined, and where descriptions of such responsibilities do exist, they do not match what happens in reality.
◗ The dialogue between the security department and the end users is poor. The main point of contact is a yearly presentation to the different departments. The presentation has not been updated for some time and does not provide a realistic vision of current threats and how to deal with them.
