Building a Corporate Culture of Security - 1st Edition - ISBN: 9780128020197, 9780128020586

Building a Corporate Culture of Security

1st Edition

Strategies for Strengthening Organizational Resiliency

Author: John Sullivant
eBook ISBN: 9780128020586
Paperback ISBN: 9780128020197
Imprint: Butterworth-Heinemann
Published Date: 25th February 2016
Page Count: 298

Description

Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency provides readers with the proven strategies, methods, and techniques they need to present ideas and a sound business case for improving or enhancing security resilience to senior management. Presented from the viewpoint of a leading expert in the field, the book offers proven and integrated strategies that convert threats, hazards, risks, and vulnerabilities into actionable security solutions, thus enhancing organizational resiliency in ways that executive management will accept.

The book delivers a much-needed look into why some corporate security practices and programs work and others don’t. Offering the tools necessary for anyone in the organization charged with security operations, Building a Corporate Culture of Security provides practical and useful guidance on handling security issues corporate executives hesitate to address until it’s too late.

Key Features

  • Provides a comprehensive understanding of the root causes of the most common security vulnerabilities that impact organizations and strategies for their early detection and prevention
  • Offers techniques for security managers on how to establish and maintain effective communications with executives, especially when bringing security weaknesses, and solutions, to them
  • Outlines a strategy for determining the value and contribution of protocols to the organization, how to detect gaps, duplications and omissions from those protocols, and how to improve their purpose and usefulness
  • Explores strategies for building professional competencies, managing security operations, and assessing risks, threats, vulnerabilities, and consequences
  • Shows how to establish a solid foundation for the layering of security and building a resilient protection-in-depth capability that benefits the entire organization
  • Offers appendices with proven risk management and risk-based metric frameworks and architecture platforms

Readership

Security directors, managers, and consultants; business executives and managers charged with risk management and security responsibilities; security management students.

Table of Contents

  • Dedication
  • About the Author
  • Foreword
  • Preface
  • Acknowledgments
  • 1. Introduction
    • Overview
    • Building Security Resilience and Developing Relationships
    • Watch Out for Stumbling Blocks
    • Vulnerability Creep-in Just Showed Up—It Wasn’t Here Before
    • Conclusion
  • 2. Strategies That Create Your Life Line
    • Overview
    • A Need Exists to Create a Set of Uniform Security Strategies
    • Security Strategies and Guiding Principles
    • Conclusion
  • 3. The Many Faces of Vulnerability Creep-in
    • Overview
    • Vulnerability Creep-in Eludes Many Security Professionals
    • Strategic Security Deficiencies Top the List
    • Programmatic Security Weaknesses Rank Second Place
    • Human and Technology Inadequacies Rate Third Place
    • Conclusions
  • 4. The Evolving Threat Environment
    • Overview
    • The Threat Landscape Is Diversified and Sophisticated
    • Attack Modes Make Planning and Response a Challenge
    • Conclusions
  • 5. The Cyber Threat Landscape
    • Overview
    • Who Is Responsible for Today’s Cyber Attacks?
    • The Cyber Threat Continues to Devastate the U.S. Economy and National Security
    • Trusted Insiders Bear Watching
    • State-Sponsored Cyber Attacks Create Havoc With Our Economy and National Security
    • Cyber Practices and Incident Responses Need Improvement
    • Conclusions
  • 6. Establishing a Security Risk Management Program Is Crucial
    • Overview
    • Risk Management Measures and Evaluates Risk Exposure and the Ability to Deal With Threats
    • Subscribing to a Security Risk Management Program
    • A Risk Management Program Establishes Creditability
    • When to Measure and Evaluate Performance
    • A Risk Management Program Is Key to Performance Success
    • Executives Need Compelling and Persuasive Information to Make Sound Business Decisions
    • Conclusions
    • Appendix A: Risk Management and Architecture Platform
    • Relationship Between Measurement and Evaluation
    • Architecture Platform
    • Evaluation Tools Mostly Used Within Security Organizations
    • Quality Assurance: Zero Defects
  • 7. Useful Metrics Give the Security Organization Standing
    • Overview
    • Risk-based Metrics Are Often Underestimated
    • Setting the Metric Framework and Architecture Foundation
    • Well-Designed Risk-based Metrics Resonate with CEOs
    • Theory of Probability
    • Benefits of Using Risk-based Metrics
    • Conclusion
    • Appendix A: Metric Framework and Architecture Platform
    • Strategic Relevance
    • Operational Reasonableness
  • 8. A User-Friendly Security Assessment Model
    • Overview
    • A Reliable Security Assessment Model That Resonates with C-Suite Executives
    • Measuring and Evaluating Performance Effectiveness
    • The Benefits Management Enjoys from Using a Risk-Based Model
    • Conclusions
  • 9. Developing a Realistic and Useful Threat Estimate Profile
    • Overview
    • Providing Meaningful Strategic Threat Advice to Executive Management Is Essential
    • Threat Planning Relies on the Development of a Useful Threat Estimate Profile
    • Suggested Composition of a Threat Estimate Profile
    • The Local/Site-Specific Threat Assessment
    • Identifying the Range of Potential Threats and Hazards Is a Critical Planning Process
    • Consequence Analysis and Probability of Occurrence for Threats and Hazards
    • Benefits of Having a Threat Estimate Profile
    • Conclusions
    • Appendix A
    • Appendix B
  • 10. Establishing and Maintaining Inseparable Security Competencies
    • Overview
    • Are Your Security Competencies a Top Priority?
    • Timely Interdependencies of Security Capabilities
    • Conclusions
  • 11. A User-Friendly Security Technology Model
    • Overview
    • A Dire Need Exists to Embrace a Technical Security Strategy
    • The Technical Security Planning Process Is Often Misunderstood and Underestimated
    • Embracing The Challenges of New Technology Advancements
    • Technology Application Has High-Visibility Challenges
    • Importance of a Quality System Maintenance Program
    • Embracing Inspections and Tests Extends the System Life Cycle
    • System Failure Modes and Compensatory Measures
    • Conclusion
    • Appendix A: Selected Security Technology Deficiencies and Weaknesses
    • Overview of Selected Case Histories
    • Appendix B: Sample Test Logs
    • Safety Information
  • 12. Preparing for Emergencies
    • Overview
    • Security Emergency Planning Is Critical to Organizational Survival
    • Planning for Prevention, Protection, Response, and Recovery
    • Alert Notification Systems Serve as Triggering Mechanisms to Carry Out Security Planning Considerations
    • Planning for Security Event-Driven Response and Recovery Operations
    • Strategies for Integrating and Prioritizing Security Response and Recovery Operations
    • Security Emergency Response Plan
    • Conclusions
    • Appendix A: Case Histories: Security Emergency Planning Fallacies
  • 13. A User-Friendly Protocol Development Model
    • Overview
    • Adopting a Protocol Strategy Is Crucial to Quality Performance
    • Need for Protocols
    • Purpose of Protocol Reviews
    • Quality Review Process for Essential Security Protocols
    • Benefits Derived from Protocol Analysis
    • Conclusions
    • Appendix A
  • 14. A Proven Organization and Management Assessment Model
    • Overview
    • Embracing the Mission of the Security Organization
    • A Reliable Organization and Management Assessment Model That Resonates with CEOs
    • Purpose of Measuring Organization and Management Competency
    • Measuring Security Management and Leadership Competencies
    • Benefits of an Operational and Management Audit
    • Conclusions
    • Appendix A: Case Histories – Management and Leadership
    • Overview of Selected Case Histories
  • 15. Building Competencies That Count: A Training Model
    • Overview
    • Why Security Training Is Important
    • Goals and Value Are Drivers of Effective Training
    • A Reliable Training Model Resonates With Chief Executive Officers
    • Independent Research and Credence of the Model
    • Types of Security Awareness Training Programs
    • Specialized Security Staff Training Program
    • Course Design Brings Instruction to Life
    • Professional Development Is Key for Security Planners
    • Benefits Management Enjoys by Adopting the Model
    • Conclusions
  • 16. How to Communicate with Executives and Governing Bodies
    • Overview
    • Why Would a CEO Ever Ask You for Help?
    • Why Should a Chief Executive Listen to You?
    • Speak the Language Executives and Board Members Understand, Care About, and Can Act On
    • Impressions Count
    • Tips That Will Help You Get Your Message Across
    • Think Strategically
    • Develop a Management Perspective
    • Be Trustworthy, Candid, and Professional
    • Be a Verbal Visionary
    • Be That Window for Tomorrow
    • Give Constructive Advice
    • Build a Solid Business Case
    • Know When to Pull Your Parachute Cord
    • Present Program Results Regularly
    • Conclusions
  • 17. A Brighter Tomorrow: My Thoughts
    • Overview
    • A Perspective for the Future
    • The Evolving Business and Threat Landscape
    • Corporate Image, Brand, and Reputation Hang in the Balance
    • Measuring and Evaluating Performance and Productivity
    • Security Design Performance and Program Integration
    • Training Programs Need a Major Uplift
    • Security Emergency Plans and Response/Recovery Procedures
    • Communicating with Executives and Governing Bodies
    • Security Leadership Needs a Touch Up
    • Change Management in the Wind
    • What Does Work May Surprise You
    • Characteristics of Future Security Leaders
    • My Parting Thought
  • References
  • Index

Details

No. of pages: 298
Language: English
Copyright: © Butterworth-Heinemann 2016
Published: 25th February 2016
Imprint: Butterworth-Heinemann
eBook ISBN: 9780128020586
Paperback ISBN: 9780128020197

About the Author

John Sullivant

John Sullivant creates strategic security planning initiatives for corporations and governments throughout the world. Throughout his lengthy security career, he has held numerous senior security positions in both the public and private sectors, served on several national security councils, committees and advisory boards, and spoken frequently at professional security associations and educational institutions. He is the author of a reference on protecting critical infrastructure, and his work has appeared in Security Management, the leading security publication.

Affiliations and Expertise

President, Sisters Three Entrepreneurs Security Consultants Company, Nashua, NH, USA

Reviews

"Building an effective security program is a daunting task...for those looking for an effective resource in which to start or jumpstart their program; Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency is a book that will certainly help them immensely." --RSAConference.com

"The basic premise is that too many C-suite residents still consider security as a 'cost-center.' Sullivant identifies approaches like creating and using valuable metrics to make a convincing case for a program." --Security Letter

"Seasoned security managers, as well as C-suite executives seeking to effect positive change, can use this book to further professional development, and professors will find it to be an excellent teaching tool. At the outset of a career, knowing and applying the strategies discussed within can save a security manager a lot of time and headaches in working with organizations. There is little doubt that this book will become a valuable resource for security professionals now and in the future." --Security Management