Risk Management for Computer Security - 1st Edition - ISBN: 9780750677950, 9780080491554

Risk Management for Computer Security

1st Edition

Protecting Your Network and Information Assets

Authors: Andy Jones Debi Ashenden
eBook ISBN: 9780080491554
Paperback ISBN: 9780750677950
Imprint: Butterworth-Heinemann
Published Date: 15th March 2005
Page Count: 296
Tax/VAT will be calculated at check-out
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
50.95
35.66
35.66
35.66
35.66
35.66
40.76
40.76
42.95
30.07
30.07
30.07
30.07
30.07
34.36
34.36
33.99
23.79
23.79
23.79
23.79
23.79
27.19
27.19
54.95
38.47
38.47
38.47
38.47
38.47
43.96
43.96
Unavailable
DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

Risk Management for Computer Security provides IT professionals with an integrated plan to establish and implement a corporate risk assessment and management program. The book covers more than just the fundamental elements that make up a good risk program for computer security. It presents an integrated how-to approach to implementing a corporate program, complete with tested methods and processes, flowcharts, and checklists that can be used by the reader and immediately implemented into a computer and overall corporate security program. The challenges are many and this book will help professionals in meeting their challenges as we progress through the twenty-first century.

This book is organized into five sections. Section I introduces the reader to the theories of risk management and describes the field's changing environment as well as the art of managing risks. Section II deals with threat assessment and its input to risk assessment; topics covered include the threat assessment method and an example of threat assessment. Section III focuses on operating system vulnerabilities and discusses application vulnerabilities; public domain vs. COTS; and connectivity and dependence. Section IV explains what risk assessment is and Section V explores qualitative vs. quantitative tools and types of risk assessment and concludes with an assessment of the future of risk management.

Corporate security professionals around the world will find this book a highly valuable source of information.

Key Features

  • Presents material in an engaging, easy-to-follow manner that will appeal to both advanced INFOSEC career professionals and network administrators entering the information security profession
  • Addresses the needs of both the individuals who are new to the subject as well as of experienced professionals
  • Provides insight into the factors that need to be considered and fully explains the numerous methods, processes and procedures of risk management

Readership

Corporate security professionals around the world

Table of Contents

Section I: An Introduction to Risk Management: Introduction to the Theories of Risk Management; The Changing Environment; The Art of Managing Risks; Section II: The Threat Assessment Process: Threat Assessment and its Input to Risk Assessment; Threat Assessment Method; Example Threat Assessment; Section III: Vulnerability Issues: Operating System Vulnerabilities; Application Vulnerabilities; Public Domain or Commercial Off-the-Shelf Software?; Connectivity and Dependence; Section IV: The Risk Process: What is Risk Assessment?; Risk Analysis; Who is Responsible?; Section V: Tools and Types of Risk Assessment: Qualitative and Quantitative Rrisk Assessment; Policies, Procedures, Plans, and Processes of Risk Management; Tools and Techniques; Integrated Risk Management; Section VI: Future Directions: The Future of the Risk Management

Details

No. of pages:
296
Language:
English
Copyright:
© Butterworth-Heinemann 2005
Published:
Imprint:
Butterworth-Heinemann
eBook ISBN:
9780080491554
Paperback ISBN:
9780750677950

About the Author

Andy Jones

Andy Jones is an experienced Military Intelligence Analyst and Information Technology Security specialist. He has had considerable experience in the analysis of Intelligence material in Strategic, Tactical and Counter-Insurgency operations and a wide range of Information systems management experience. In addition, he has considerable experience in the security of Information Technology systems, having been responsible for the implementation of Information Technology security within all areas of the British Army and in some joint service organizations. He has directed both Intelligence and Security operations and briefed the results at the highest level. He was awarded the MBE for his work during his service in Northern Ireland and has gained an Open University Bachelor of Science degree in mathematics and technology and a Masters degree in Information Security and Computer Crime from the University of Glamorgan. After completing 25 years service with the British Army’s Intelligence Corps, he moved into the area of defense research and was employed as the manager of a group of 80 research scientists and as a researcher and analyst in the area of Information Security. He has also had experience as a project manager within defense research for the security aspects of a number of large projects and has gained considerable expertise on the criminal and terrorist aspects of Information Security. He has undertaken a range of research into a number of aspects of Information warfare and the threats to information systems. 1n 2002 he co-authored a book on information warfare and is currently researching to write a book on the risks to information systems. In addition to his main work as a senior lecturer on Information Security and Computer Crime at the University of Glamorgan, he is currently also an associate lecturer for the Open University on Internet communications. His primary area of research for the last two years has been into methods for the measurement of t

Affiliations and Expertise

A Research Group Leader at the Security Research Centre for British Telecommunications where he is conducting research into the security of information and communication systems.

Debi Ashenden

Debi has a well-developed set of "soft" consultancy skills and experience developed by her formal education in the Arts and subsequent experience as a lecturer and advisor to students in colleges of further education. She has built on this so as to develop a set of IT skills through additional training with Birmingham University. Moreover she has deployed these skills to good effect in both civil and military consulting assignments. In this latter phase Debi's M.Sc. work was directed at investigating issues of system lifecycle security under DERA (now QinetiQ) sponsorship. Debi has also led the development and application of security risk analysis techniques within the Trusted Information Management Department at QinetiQ. She was previously the Head of Professional Services in the Trusted Information Management department at QinetiQ, the privatised element of what was previously the Defence Evaluation and Research Agency and is currently a Senior Research Fellow in Information Assurance at the Royal Military College of Science, Cranfield University.

Affiliations and Expertise

Senior Research Fellow in Information Assurance at the Royal Military College of Science, Cranfield University, UK