read online Best A Practical Guide to Managing Information Security (Artech House Technology Management Library) – Z55z.co

This groundbreaking book helps you master the management of information security, concentrating on the recognition and resolution of the practical issues of developing and implementing It security for the enterprise Drawing upon the authors wealth of valuable experience in high risk commercial environments, the work focuses on the need to align the information security process as a whole with the requirements of the modern enterprise, which involves empowering business managers to manage information security related risk Throughout, the book places emphasis on the use of simple, pragmatic risk management as a tool for decision making The first book to cover the strategic issues of It security, it helps you to understand the difference betweentheoretical treatments of information security and operational reality learn how information security risk can be measured and subsequently managed define and execute an information security strategy design and implement a security architecture and ensure that limited resources are used optimally Illustrated by practical examples, this topical volume reveals the current problem areas in It security deployment and management Moreover, it offers guidelines for writing scalable and flexible procedures for developing an It security strategy and monitoring its implementation You discover an approach for reducing complexity and risk, and find tips for building a successful team and managing communications issues within the organization This essential resource provides practical insight into contradictions in the current approach to securing enterprise wide It infrastructures, recognizes the need to continually challenge dated concepts, demonstrates the necessity of using appropriate risk management techniques, and evaluates whether or not a given risk is acceptable in pursuit of future business opportunities.


5 thoughts on “A Practical Guide to Managing Information Security (Artech House Technology Management Library)

  1. Mike Weston Mike Weston says:

    If you are an Information Security manager and find yourself reactively managing Information Security, then this is the book for you.Steve Purser has written this practical guide that describes how to move out of reactive mode and towards proactive management of Information Security.The book outlines a risk based approach to Information Security management, which is supported by underlying policies, procedures, standards, process improvement and a technical security architecture.Using the fictitious Secure Bank as a basis, Steve takes the reader on a journey through the stages required to implement proactive security management I particularly liked the use of the Secure Bank case study as this successfully juxtaposes theory with operational reality and shows the resultant compromises.All in all this is a well written, well structured book which covers all the bases on how to pragmatically manage Information Security.The book fills a gap in the current Information Security literature and is a welcome addition to my library.I recommend it.


  2. Alan Alan says:

    Excellent This book strikes exactly the right balance between providing real life, pragmatic guidance in the management of information security, and at the same time provides sufficient technical and operational depth to the subject matter overall The book is well structured and very clear, and provides a coherent approach to addressing strategic and tactical information security issues Security technologies, policies, procedures and processes are clearly explained and practically demonstrated but the greatest benefit of this book is that it sets risk and security in the context of a functioning organisation in this case a bank and provides answers to the concerns of senior management, technical staff and business managers in a way that supports, not hinders, the organisation Highly recommended reading.


  3. Alan Alan says:

    Excellent This book strikes exactly the right balance between providing real life, pragmatic guidance in the management of information security, and at the same time provides sufficient technical and operational depth to the subject matter overall The book is well structured and very clear, and provides a coherent approach to addressing strategic and tactical information security issues Security technologies, policies, procedures and processes are clearly explained and practically demonstrated but the greatest benefit of this book is that it sets risk and security in the context of a functioning organisation in this case a bank and provides answers to the concerns of senior management, technical staff and business managers in a way that supports, not hinders, the organisation Highly recommended reading.


  4. Xavier Xavier says:

    This book is a good resource for security professionals It provides a broad review of Information Security management techniques and describes some of the controls, mainly technical controls The fictitious case study is useful because it illustrates the way decisions are often made in real life and provides examples of the kind of trade offs that are often necessary This is definitively not an IT Security encyclopedia However the main areas of IT Security are covered without making a decision on behalf of the reader.


  5. JohnV JohnV says:

    Steve focuses on providing practical guidance for the IT security professional He not only focuses on the security elements of deploying and managing IT security initiatives but he also describes the crucial management aspects of it as well Written by a security practioner for security practioners, this book is a must read for anyone seriously engaged in the field.