Librería Portfolio

Key Features

Provides a roadmap on how to build a security program that will protect companies from intrusion
Shows how to focus the security program on its essential mission and move past FUD (fear, uncertainty, and doubt) to provide business value
Teaches how to build consensus with an effective business-focused program
Description

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to ´go big or go home,´ explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results.
Readership

IT security professionals (security auditors, security engineers, compliance specialists, etc.); IT professionals (network administrators, IT managers, security managers, security analysts, directors of security, etc.)



Why We Need Security Programs
Develop a Security Strategy
Integrate Security into the Organization
Establish a Security Organization
Develop a Security Policy
Manage the Risks
Protect the Data
Manage the Security of Third Parties and Vendors
Conduct Security Awareness and Training
Develop Metrics to Measure Program Effectiveness