|
|
|
|
| LEADER |
05727nam a22004093i 4500 |
| 001 |
EBC6422703 |
| 003 |
MiAaPQ |
| 005 |
20231204023215.0 |
| 006 |
m o d | |
| 007 |
cr cnu|||||||| |
| 008 |
231204s2012 xx o ||||0 eng d |
| 020 |
|
|
|a 9781430251149
|q (electronic bk.)
|
| 020 |
|
|
|z 9781430251132
|
| 035 |
|
|
|a (MiAaPQ)EBC6422703
|
| 035 |
|
|
|a (Au-PeEL)EBL6422703
|
| 035 |
|
|
|a (OCoLC)1105794588
|
| 040 |
|
|
|a MiAaPQ
|b eng
|e rda
|e pn
|c MiAaPQ
|d MiAaPQ
|
| 050 |
|
4 |
|a QA76.9.A25
|
| 082 |
0 |
|
|a 005.8
|
| 100 |
1 |
|
|a Harkins, Malcolm.
|
| 245 |
1 |
0 |
|a Managing Risk and Information Security :
|b Protect to Enable.
|
| 250 |
|
|
|a 1st ed.
|
| 264 |
|
1 |
|a Berkeley, CA :
|b Apress L. P.,
|c 2012.
|
| 264 |
|
4 |
|c ©2013.
|
| 300 |
|
|
|a 1 online resource (145 pages)
|
| 336 |
|
|
|a text
|b txt
|2 rdacontent
|
| 337 |
|
|
|a computer
|b c
|2 rdamedia
|
| 338 |
|
|
|a online resource
|b cr
|2 rdacarrier
|
| 505 |
0 |
|
|a Intro -- Contents at a Glance -- About ApressOpen -- Foreword -- Contents -- About the Author -- Preface -- Acknowledgments -- Chapter 1: Introduction -- Protect to Enable -- Keeping the Company Legal: The Regulatory Flood -- Privacy: Protecting Personal Information -- Personalization versus Privacy -- Financial Regulations -- e-Discovery -- Expanding Scope of Regulation -- The Rapid Proliferation of Information and Devices -- The Changing Threat Landscape -- Stealthy Malware -- Compromise Is Inevitable -- A New Approach to Managing Risk -- Chapter 2: The Misperception of Risk -- The Subjectivity of Risk Perception -- How Employees Misperceive Risk -- How Security Professionals Misperceive Risk -- How Decision Makers Misperceive Risk -- How to Mitigate the Misperception of Risk -- Uncovering New Perspectives During Risk Assessments -- Communication Is Essential -- Building Credibility -- Chapter 3: Governance and Internal Partnerships -- Information Risk Governance -- Finding the Right Governance Structure -- Intel's Information Risk Governance -- Building Internal Partnerships -- Legal -- Privacy -- Litigation -- Intellectual Property and Data Classification -- Contracts -- Financial Compliance -- Legal Specialists Within Business Groups -- Human Resources -- Setting Employee Expectations in Security Policies -- Employee Communications -- Investigations -- Finance -- Sarbanes-Oxley Compliance -- Working with Business Groups -- Internal Audit -- Corporate Risk Management -- Privacy -- Corporate Security -- Business Group Managers -- Conclusion -- Chapter 4: External Partnerships -- The Value of External Partnerships -- External Partnerships: Types and Tiers -- 1:1 Partnerships -- Communities -- Community Characteristics -- Community Goals -- Sharing Information About Threats and Vulnerabilities -- Sharing Best Practices and Benchmarking.
|
| 505 |
8 |
|
|a Influencing Regulations and Standards -- Corporate Citizenship -- Conclusion -- Chapter 5: People Are the Perimeter -- The Shifting Perimeter -- Examining the Risks -- Adjusting Behavior -- The Payoff -- Roundabouts and Stop Signs -- The Security Benefits of Personal Use -- Sealing the Gaps -- The IT Professional -- Insider Threats -- Finding the Balance -- Chapter 6: Emerging Threats and Vulnerabilities -- Structured Methods for Identifying Threat Trends -- The Product Life Cycle Model -- Understanding Threat Agents -- Playing War Games -- Trends That Span the Threat Landscape -- Trust Is an Attack Surface -- Barriers to Entry Are Crumbling -- The Rise of Edge Case Insecurity -- The Enemy Knows the System -- Key Threat Activity Areas -- The Industry of Malware -- The Web As an Attack Surface -- Smartphones -- Web Applications -- Conclusion -- Chapter 7: A New Security Architecture to Improve Business Agility -- Business Trends and Architecture Requirements -- IT Consumerization -- New Business Needs -- Cloud Computing -- Changing Threat Landscape -- Privacy and Regulatory Requirements -- New Architecture -- Trust Calculation -- Source Score -- Destination Score -- Available Controls -- Calculating Trust -- Security Zones -- Untrusted Zones -- Selective Zones -- Trusted Zones -- Balanced Controls -- Users and Data: The New Perimeters -- Data Perimeter -- User Perimeter -- Conclusion -- Chapter 8: Looking to the Future -- Internet of Things -- Compute Continuum -- Cloud Computing -- Business Intelligence and Big Data -- Business Benefits and Risks -- New Security Capabilities -- Baseline Security -- Protected Environments -- Encryption -- Hardware Acceleration -- Enhanced Recovery -- Integration with Security Software and Other Applications -- Context-Aware Security -- Cloud Security and Context Awareness -- Business Intelligence and Data Protection.
|
| 505 |
8 |
|
|a Conclusion: The Implications for CISOs -- Chapter 9: The 21st Century CISO -- Chief Information Risk Officer -- The Z-Shaped Individual -- Foundational Skills -- Becoming a Storyteller -- Fear Is Junk Food -- Accentuating the Positive -- Demonstrating the Reality of Risk -- The CISO's Sixth Sense -- Taking Action at the Speed of Trust -- The CISO As a Leader -- Learning from Other Business Leaders -- Looking to the Future -- Chapter 10: References -- Index.
|
| 588 |
|
|
|a Description based on publisher supplied metadata and other sources.
|
| 590 |
|
|
|a Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2023. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
|
| 655 |
|
4 |
|a Electronic books.
|
| 776 |
0 |
8 |
|i Print version:
|a Harkins, Malcolm
|t Managing Risk and Information Security
|d Berkeley, CA : Apress L. P.,c2012
|z 9781430251132
|
| 797 |
2 |
|
|a ProQuest (Firm)
|
| 856 |
4 |
0 |
|u https://ebookcentral.proquest.com/lib/matrademy/detail.action?docID=6422703
|z Click to View
|