Building a Practical Information Security Program - 1st Edition - ISBN: 9780128020425, 9780128020883

Building a Practical Information Security Program

1st Edition

Authors: Jason Andress Mark Leary
eBook ISBN: 9780128020883
Paperback ISBN: 9780128020425
Imprint: Syngress
Published Date: 14th October 2016
Page Count: 202
Tax/VAT will be calculated at check-out Price includes VAT (GST)
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
69.95
48.97
48.97
48.97
48.97
48.97
55.96
55.96
42.99
30.09
30.09
30.09
30.09
30.09
34.39
34.39
50.95
35.66
35.66
35.66
35.66
35.66
40.76
40.76
Unavailable
Price includes VAT (GST)
× DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to "go big or go home," explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results.

Key Features

  • Provides a roadmap on how to build a security program that will protect companies from intrusion
  • Shows how to focus the security program on its essential mission and move past FUD (fear, uncertainty, and doubt) to provide business value
  • Teaches how to build consensus with an effective business-focused program

Readership

IT security professionals (security auditors, security engineers, compliance specialists, etc.); IT professionals (network administrators, IT managers, security managers, security analysts, directors of security, etc.)

Table of Contents

Why We Need Security Programs

Develop a Security Strategy

Integrate Security into the Organization

Establish a Security Organization

Develop a Security Policy

Manage the Risks

Protect the Data

Manage the Security of Third Parties and Vendors

Conduct Security Awareness and Training

Develop Metrics to Measure Program Effectiveness

 

Details

No. of pages:
202
Language:
English
Copyright:
© Syngress 2017
Published:
Imprint:
Syngress
eBook ISBN:
9780128020883
Paperback ISBN:
9780128020425

About the Author

Jason Andress

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Affiliations and Expertise

CISSP, ISSAP, CISM, GPEN

Mark Leary

Mark Leary possesses over 30 years of experience in security management and technical intelligence holding several positions of responsibility in IT security management for government agencies and commercial firms. Mark currently performs as Vice President and Chief Information Security Officer for Xerox Corporation, the world’s leading global enterprise for business process and document management with sales approaching $23 billion. Marks holds a Doctorate in Management, MBA with a concentration in Project Management, Dual Masters in Security and IT Management, and holds several professional certifications (CISSP, CISM, CGIET, and PMP). He also serves as an Adjunct Professor for the University of Maryland and Industry Advisor to the Rochester Institute of Technology.

Affiliations and Expertise

CISSP, CISM, CGIET, PMP