Free Delivery Over $100
|
|
|||
|
||||
OverviewProtecting information systems to reduce the risk of security incidents is critical for organizations today. This writing provides instruction for security leaders on the processes and techniques for managing a security program. It contains practical information on the breadth of information security topics, referring to many other writings that provide details on technical security topics. This provides foundation for a security program responsive to technology developments and an evolving threat environment. The security leader may be engaged by an organization that is in crisis, where the priority action is to recover from a serious incident. This work offers foundation knowledge for the security leader to immediately apply to the organization's security program while improving it to the next level, organized by development stage: - Reactive--focused on incident detection and response - Planned--control requirements, compliance and reporting - Managed--integrated security business processes The security leader must also communicate with the organization executive, whose focus is on results such as increasing revenues or reducing costs. The security leader may initially be welcomed as the wizard who applies mysterious skills to resolve an embarrassing incident. But the organization executive will lose patience with a perpetual crisis and demand concrete results. This writing explains how to communicate in terms executives understand. Full Product DetailsAuthor: Christopher T CarlsonPublisher: Universal Publishers Imprint: Universal Publishers Dimensions: Width: 15.60cm , Height: 1.70cm , Length: 23.40cm Weight: 0.435kg ISBN: 9781627342766ISBN 10: 1627342761 Pages: 308 Publication Date: 15 November 2019 Audience: General/trade , General Format: Paperback Publisher's Status: Active Availability: In stock  We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately. Table of ContentsReviewsChris has a depth of knowledge and understanding with a rational approach to information security born from a career as a practitioner and leader. I really like his practical methodology to solving what appears to be a complex issue, simplifying the approach to identifying the challenges and presenting solutions. He outlines the necessity to fully understand the lifecycle of cyber security; identifying the issues, cataloguing your assets, defining responsibilities so that you can hold people to account, mapping your control frameworks, identifying your dependencies including your people and your third parties, exercising your crisis plans, then to reporting on the status. 'Plan--Do--Check--Act!' Kevin Williams, Head of the International Information Integrity Institute Chris offers practical instructions and real-world examples of how to approach, describe, and action the mystical world of cyber security. Leveraging his 35+ years of experience he shows cyber professional how to dissect problems into logical, achievable results for both technical staff and senior management. His conversational writing style, meaningful examples, and sequencing of actions allows the reader to define a roadmap that is tailored to their organizational maturity and structure. New cyber security professionals will welcome this how-to guide, while seasoned professionals will recognize the many deliverables they have left undone. Yet, the greatest gift for the reader is new insight on how good cyber practices allow you to quantify risk. Chris' introduction to the FAIR methodology de-mystifies the quantification of risk, empowers senior managers to make more informed decisions and defines critical priorities for the cyber teams. Keith H. Herndon, VP of Cyber Security and Chief Information Security Officer, Baker Hughes One of the hardest decisions a chief information security officer faces is defining the right problem solve. In this book, Chris describes the approach to solve the right problem, that of how to effectively manage the risk of information technology. He presents a refreshingly pragmatic approach ranging from immediate crisis management through cost benefit analysis of an information security strategy. In this way, he takes the CISO on a path of maturity from a novice incident fire fighter to a mature, strategic organizational leader. By reading and applying this book, information security professionals everywhere will learn tactical and strategic action they can take now to build more effective security organizations. Mike Jerbic, Chair, The Open Group Security Forum How to Manage Cybersecurity Risk is a phenomenal resource for those people who want to do risk management right. It is a wealth of experience from a passionate, seasoned professional who has tackled some of the industry's biggest risk scenarios and problems. It is a must have for both experienced GRC professionals as well as those new to this growing industry. Alex Hutton, Security Executive Author InformationChristopher T. Carlson is a pioneer, having arrived in his first computing security assignment at the dawn of the field in 1982. He created or substantially evolved practices in his security assignments including classified computing security, computing security policy and controls, security awareness, business unit security support, security assessments, access administration including role-based access, risk analysis and management, application security development life cycle, and international security. The goal of this writing is to provide lessons from the field so that those who follow need not start from scratch. Tab Content 6Author Website:Countries AvailableAll regions |
||||
