An in-depth guide to management and strategy essentials for information security professionals, complete with proven management practices and hard-learned lessons from security's top professionals

The Information Security Practitioner's Guide to Business, Management & Strategy provides IT security professionals with an actionable, rock-solid foundation in security strategy and management techniques--from an overview of the common problems facing most IT organizations to management tips and approaches that utilize the best practices for building effective information security programs. The book is chock-full of case examples, personal anecdotes, real-world professional advice, and detailed walk-throughs of effective business practices, terminology, and strategic action plans to benefit professionals in security--from the service desk to the board room.

Teaches business smarts to IT practitioners
Reveals how to think like key stakeholders, evaluate what's important to decision makers, and understand how to influence partners and colleagues in order to solve security challenges
Features proven, real-world methods for solving problems faced daily by anyone working in IT, such as how to overcome de-prioritization of patch management, risk modeling, and obtaining incremental budgets mid-year or in the face of budget cuts
Contains essential business terms, methodologies, and theories, all related to IT and security--bridging the communication gap between IT staff and business stakeholders
Covers critical business skills such as presentation skills that can give you an edge over other staff competing for the same resources and budget
Discusses working with and auditing vendors

Publishing group: McGraw-Hill Education - Europe
ISBN-13: 978-0-07-179911-9 (9780071799119)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.

Adam Ely, CISSP, CISA, NSA IAM, MCSE, is the Founder and COO of Bluebox. Prior to this role, he was the CISO of the Heroku business unit at Salesforce.com, where he was responsible for application security, security operations, compliance, and external security relations. Previously, Adam led security and compliance at TiVo and held various security leadership roles within The Walt Disney Company, where he was responsible for security operations and application security of Walt Disney web properties, including ABC.com, ESPN.com, and Disney.com. He is also an advisor to several technology companies and a regular contributing writer for numerous publications, including Dark Reading and InformationWeek. Adam was the technical editor for two security-focused books and served on the technical editorial committee of the ISACA Journal. Visit www.adamely.com; Twitter: @adamely.

Part 1 Essentials
1 Management 101
2 Security Strategy
Part 2 Money Talks
3 Obtaining Budget
4 Staffing
Part 3 Who's on First?
5 Prioritization of Security Initiatives
Part 4 Will They Like Me?
6 Getting Involved
7 Gaining Authority
Part 5 Hackable
8 Application Security
9 Training
Part 6 External Partners
10 Vendor Management
11 Patching Systems & Applications