With the growth in social networking and the potential for larger and larger breaches of sensitive data, it is vital for all enterprises to ensure that computer users adhere to corporate policy and project staff design secure systems. Written by a security expert with more than 25 years' experience, this book examines how fundamental staff awareness is to establishing security and addresses such challenges as containing threats, managing politics, developing programs, and getting a business to buy into a security plan. Illustrated with real-world examples throughout, this is a must-have guide for security and IT professionals.
About the author
David Lacey is a leading authority on Information Security management with more than 25 years' professional experience, gained in senior leadership roles in Royal Dutch/Shell Group, Royal Mail Group and the British Foreign & Commonwealth Office. David is now a freelance director, researcher, writer and a consultant to organisations, venture capitalists and technology companies. He also writes a leading blog on IT Security for Computer Weekly, the largest-circulation UK technology magazine.
Jacket text
"Computers do not commit crimes. People do." The biggest threat to information security is the "human factor", the influence of people. Even the best people will make mistakes, cause breaches and create security weaknesses that enable criminals to steal, corrupt or manipulate systems and data. The explosion in social networking and mobile computing is intensifying this problem. For the first time, this book brings together theories and methods which will help you to change and harness people's security behaviour. It will help you to:
Contents
Acknowledgements
Foreword
Introduction
1 Power to the people
The power is out there . . . somewhere
An information-rich world
When in doubt, phone a friend
Engage with the public
The power of the blogosphere
The future of news
Leveraging new ideas
Changing the way we live
Transforming the political landscape
Network effects in business
Being there
Value in the digital age
Hidden value in networks
Network innovations create security challenges
You've been de-perimeterized!
The collapse of information management
The shifting focus of information security
The external perspective
A new world of openness
A new age of collaborative working
Collaboration-oriented architecture
Business in virtual worlds
Democracy . . . but not as we know it
Don't lock down that network
The future of network security
Can we trust the data?
The art of disinformation
The future of knowledge
The next big security concern
Learning from networks
2 Everyone makes a difference
Where to focus your efforts
The view from the bridge
The role of the executive board
The new threat of data leakage
The perspective of business management
The role of the business manager
Engaging with business managers
The role of the IT function
Minding your partners
Computer users
Customers and citizens
Learning from stakeholders
3 There's no such thing as an isolated incident
What lies beneath?
Accidents waiting to happen
No system is foolproof
Visibility is the key
A lesson from the safety field
Everyone makes mistakes
The science of error prevention
Swiss cheese and security
How significant was that event?
Events are for the record
When an event becomes an incident
The immediacy of emergencies
When disaster strikes
When events spiral out of control
How the response process changes
No two crises are the same
One size doesn't fit all
The limits of planning
Some assets are irreplaceable
It's the process, not the plan
Why crisis management is hard
Skills to manage a crisis
Dangerous detail
The missing piece of the jigsaw
Establish the real cause
Are you incubating a crisis?
When crisis management becomes the problem
Developing a crisis strategy
Turning threats into opportunities
Boosting market capitalization
Anticipating events
Anticipating opportunities
Designing crisis team structures
How many teams?
Who takes the lead?
Ideal team dynamics
Multi-agency teams
The perfect environment
The challenge of the virtual environment
Protocols for virtual team working
Exercising the crisis team
Learning from incidents
4 Zen and the art of risk management
East meets West
The nature of risks
Who invented risk management?
We could be so lucky
Components of risk
Gross or net risk?
Don't lose sight of business
How big is your appetite?
It's an emotional thing
...