A primer on why cyber security is imperative--from the CIO of Symantec, the global leader in information security.
Provides a "short cut" for executives to learn more about information security and how it will affect their business.
Foreword by Richard Clarke, Former Chairman of the President's Critical Infrastructure Protection Board and Former Special Advisor to the President for Cyber Security.
Symantec Press--the publicity power of Symantec's PR team will boost exposure and sales.
The book provides a pragmatic approach to evaluating security at a company and putting together an effective information security program. The book focuses on three key themes; People, Processes, and Technology and is organized according to the steps executives would follow in order to develop an information security program for their company. Key elements of the program include staffing this function at a company, putting the necessary internal processes in place, and implementing the appropriate technology. Business executives will find this book a good primer for understanding the key existing and future security issues, and for taking the necessary action to ensure the protection of their enterprise's information assets. The objective of this book is to provide a "short cut" for executives to learn more about information security and how it will affect their business in the future. An overview of information security concepts is provided, so they can be better prepared to evaluate how their company is addressing information security. Product Description
The book provides a pragmatic approach to evaluating security at a companyand putting together an effective information security program. The bookfocuses on three key themes; People, Processes, and Technology and isorganized according to the steps executives would follow in order to developan information security program for their company. Key elements of theprogram include staffing this function at a company, putting the necessaryinternal processes in place, and implementing the appropriate technology.Business executives will find this book a good primer for understanding the keyexisting and future security issues, and for taking the necessary action to ensurethe protection of their enterprise's information assets.The objective of this book is to provide a short cut for executives to learnmore about information security and how it will affect their business in thefuture. An overview of information security concepts is provided, so they canbe better prepared to evaluate how their company is addressing informationsecurity.
Features + Benefits
A primer on why cyber security is imperative--from the CIO of Symantec, the global leader in information security.
° Provides a short cut for executives to learn more about information security and how it will affect their business.
° Foreword by Richard Clarke, Former Chairman of the President's Critical Infrastructure Protection Board and Former Special Advisor to the President for Cyber Security.
° Symantec Press--the publicity power of Symantec's PR team will boost exposure and sales.
Backcover
Praise for The Executive Guide to Information Security
In today's world, no business can operate without securing its computers. This book conveys that message in clear, concise terms and acts as a tremendous primer to CEOs.
-from the Foreword by Richard A. Clarke
Every CEO is responsible for protecting the assets of their corporation-the people, intellectual property, corporate and customer information, infrastructure, network, and computing resources. This is becoming both more important and more difficult with the rise in the number and sophistication of cyber threats. This book helps the CEO understand the issues and ask the right questions to implement a more effective strategy for their business.
-Steve Bennett, president and CEO, Intuit
Mark Egan and Tim Mather help nontechnical executives gain a comprehensive perspective over the security challenges that all companies face today. This book is well structured and practical. Yet, it also stresses that a strategic approach to cyber security is essential, and that tone at the top will determine the effectiveness of any corporate cyber security policy.
-Eric Benhamou, chairman of the board of directors, 3Com Corporation, palmOne, and PalmSource, Inc
This book is not about cyber security; it's about managing one's company and the role that cyber security plays in that scenario. It's chilling to think of how vulnerable the assets of a business are on a computer network; this book is a fire alarm in the night for business executives to realize computer security is not a tech issue-it's a business issue worthy of the same attention and priority that business executives might place on any other mission-critical element of their company.
-George Reyes, CFO, Google
This is a must read for any executive of any size company. The Internet makes all businesses equal in that they are subject to the same types of threats regardless of their product. In this book, the CIO and security director of one of the top security companies makes the business case for security and tells you what to do to successfully mitigate threats.
-Howard A. Schmidt, former cyber security advisor to the White House, CSO Microsoft, and VP CISO eBay
This book gives an excellent overview of the issues around securing information at a time in our history when information is extremely vulnerable to outside attack, retrieval, or manipulation. Steps taken now can make a huge difference to a company's ability to survive and thrive in a heterogeneous attack culture.
-Bob Concannon, Global Practice Leader, Boyden Global Executive Search
Few if any books expose the business executive to the serious and critical nature of existing and evolving security issues using nontechnical terms. Executives can no longer afford to delegate the responsibility and accountability for security without understanding the issues and without assuming the ultimate responsibility for security in the firm. This book should become required reading for every business executive, regardless of product or company size.
-John Moreno, chair, MS in Information Technology, Golden Gate University
This book details the what, why, and how to solve issues of information security in business today. It gives examples many people will recognize from the press, discusses the basics of information security in a very understandable way, and reviews approaches for addressing these risks and threats.
-David Schwartz, managing director, Derivative Products Risk Advisors, Inc.
This book fills a void by addressing the key criteria executives need to consider when implementing an effective information security plan within their organization.
-Shobana Gubbi, former project manager of IOS Technologies, Cisco
A Business-Focused Information Security Action Plan for Every Executive Today, every executive must understand information security from a business perspective. Now, this concise book tells business leaders exactly what they need to know to make intelligent decisions about security-without ever getting lost in the technical complexities.
The Executive Guide to Information Security offers realistic, step-by-step recommendations for evaluating and improving information security in any enterprise. From start to finish, the focus is on action: what works and how to get it done. Here are just a few of the things you will be learning:
Understanding your security challenges and obligations
Trends in security attacks
Systematically identifying your risks and vulnerabilities
Implementing best-practice processes for access, acceptable use, training, strategy, and emergency response
Effective executive leadership, governance, and metrics
Staffing security-coping with a shortage of expertise
Whether you're a CxO, a line-of-business executive, or an IT executive who needs to get colleagues up to speed, this is the nontechnical, business-driven security briefing you've been searching for.
Mark Egan is chief information officer and vice president of the Information Technology Division of Symantec. In this role, he is responsible for all internal systems and security at Symantec. Egan is the co-chair of TechNet's Cyber Security Best Practices Campaign and a frequent speaker on best practices for information security and information technology.
TIM MATHER, Symantec's vice president and chief information security officer, is responsible for Symantec's information security program. Mather is a Certified Information Systems Security Professional and a Certified Information Systems Manager.
The authors' profits from this book will support a scholarship program for underprivileged students planning IT careers.
© Copyright Pearson Education. All rights reserved.
Foreword.
Preface.
1. The Information Security Challenge.
2. Information Security Overview.
3. Developing Your Information Security Program.
4. People.
5. Process.
6. Technology.
7. Information Security Roadmap.
8. View Into The Future.
9. Summary.
Appendix A. Security Evaluation Framework.
Appendix B. Information Security Web Sites.
Appendix C. Operational Security Standards.
Appendix D. Sample Security Job Descriptions.
Glossary.
Index.
The book provides a pragmatic approach to evaluating security at a company
and putting together an effective information security program. The book
focuses on three key themes; People, Processes, and Technology and is
organized according to the steps executives would follow in order to develop
an information security program for their company. Key elements of the
program include staffing this function at a company, putting the necessary
internal processes in place, and implementing the appropriate technology.
Business executives will find this book a good primer for understanding the key
existing and future security issues, and for taking the necessary action to ensure
the protection of their enterprise's information assets.
The objective of this book is to provide a short cut for executives to learn
more about information security and how it will affect their business in the
future. An overview of information security concepts is provided, so they can
be better prepared to evaluate how their company is addressing information
security.
Provides a "short cut" for executives to learn more about information security and how it will affect their business.
Foreword by Richard Clarke, Former Chairman of the President's Critical Infrastructure Protection Board and Former Special Advisor to the President for Cyber Security.
Symantec Press--the publicity power of Symantec's PR team will boost exposure and sales.
The book provides a pragmatic approach to evaluating security at a company and putting together an effective information security program. The book focuses on three key themes; People, Processes, and Technology and is organized according to the steps executives would follow in order to develop an information security program for their company. Key elements of the program include staffing this function at a company, putting the necessary internal processes in place, and implementing the appropriate technology. Business executives will find this book a good primer for understanding the key existing and future security issues, and for taking the necessary action to ensure the protection of their enterprise's information assets. The objective of this book is to provide a "short cut" for executives to learn more about information security and how it will affect their business in the future. An overview of information security concepts is provided, so they can be better prepared to evaluate how their company is addressing information security. Product Description
The book provides a pragmatic approach to evaluating security at a companyand putting together an effective information security program. The bookfocuses on three key themes; People, Processes, and Technology and isorganized according to the steps executives would follow in order to developan information security program for their company. Key elements of theprogram include staffing this function at a company, putting the necessaryinternal processes in place, and implementing the appropriate technology.Business executives will find this book a good primer for understanding the keyexisting and future security issues, and for taking the necessary action to ensurethe protection of their enterprise's information assets.The objective of this book is to provide a short cut for executives to learnmore about information security and how it will affect their business in thefuture. An overview of information security concepts is provided, so they canbe better prepared to evaluate how their company is addressing informationsecurity.
Features + Benefits
A primer on why cyber security is imperative--from the CIO of Symantec, the global leader in information security.
° Provides a short cut for executives to learn more about information security and how it will affect their business.
° Foreword by Richard Clarke, Former Chairman of the President's Critical Infrastructure Protection Board and Former Special Advisor to the President for Cyber Security.
° Symantec Press--the publicity power of Symantec's PR team will boost exposure and sales.
Backcover
Praise for The Executive Guide to Information Security
In today's world, no business can operate without securing its computers. This book conveys that message in clear, concise terms and acts as a tremendous primer to CEOs.
-from the Foreword by Richard A. Clarke
Every CEO is responsible for protecting the assets of their corporation-the people, intellectual property, corporate and customer information, infrastructure, network, and computing resources. This is becoming both more important and more difficult with the rise in the number and sophistication of cyber threats. This book helps the CEO understand the issues and ask the right questions to implement a more effective strategy for their business.
-Steve Bennett, president and CEO, Intuit
Mark Egan and Tim Mather help nontechnical executives gain a comprehensive perspective over the security challenges that all companies face today. This book is well structured and practical. Yet, it also stresses that a strategic approach to cyber security is essential, and that tone at the top will determine the effectiveness of any corporate cyber security policy.
-Eric Benhamou, chairman of the board of directors, 3Com Corporation, palmOne, and PalmSource, Inc
This book is not about cyber security; it's about managing one's company and the role that cyber security plays in that scenario. It's chilling to think of how vulnerable the assets of a business are on a computer network; this book is a fire alarm in the night for business executives to realize computer security is not a tech issue-it's a business issue worthy of the same attention and priority that business executives might place on any other mission-critical element of their company.
-George Reyes, CFO, Google
This is a must read for any executive of any size company. The Internet makes all businesses equal in that they are subject to the same types of threats regardless of their product. In this book, the CIO and security director of one of the top security companies makes the business case for security and tells you what to do to successfully mitigate threats.
-Howard A. Schmidt, former cyber security advisor to the White House, CSO Microsoft, and VP CISO eBay
This book gives an excellent overview of the issues around securing information at a time in our history when information is extremely vulnerable to outside attack, retrieval, or manipulation. Steps taken now can make a huge difference to a company's ability to survive and thrive in a heterogeneous attack culture.
-Bob Concannon, Global Practice Leader, Boyden Global Executive Search
Few if any books expose the business executive to the serious and critical nature of existing and evolving security issues using nontechnical terms. Executives can no longer afford to delegate the responsibility and accountability for security without understanding the issues and without assuming the ultimate responsibility for security in the firm. This book should become required reading for every business executive, regardless of product or company size.
-John Moreno, chair, MS in Information Technology, Golden Gate University
This book details the what, why, and how to solve issues of information security in business today. It gives examples many people will recognize from the press, discusses the basics of information security in a very understandable way, and reviews approaches for addressing these risks and threats.
-David Schwartz, managing director, Derivative Products Risk Advisors, Inc.
This book fills a void by addressing the key criteria executives need to consider when implementing an effective information security plan within their organization.
-Shobana Gubbi, former project manager of IOS Technologies, Cisco
A Business-Focused Information Security Action Plan for Every Executive Today, every executive must understand information security from a business perspective. Now, this concise book tells business leaders exactly what they need to know to make intelligent decisions about security-without ever getting lost in the technical complexities.
The Executive Guide to Information Security offers realistic, step-by-step recommendations for evaluating and improving information security in any enterprise. From start to finish, the focus is on action: what works and how to get it done. Here are just a few of the things you will be learning:
Understanding your security challenges and obligations
Trends in security attacks
Systematically identifying your risks and vulnerabilities
Implementing best-practice processes for access, acceptable use, training, strategy, and emergency response
Effective executive leadership, governance, and metrics
Staffing security-coping with a shortage of expertise
Whether you're a CxO, a line-of-business executive, or an IT executive who needs to get colleagues up to speed, this is the nontechnical, business-driven security briefing you've been searching for.
Mark Egan is chief information officer and vice president of the Information Technology Division of Symantec. In this role, he is responsible for all internal systems and security at Symantec. Egan is the co-chair of TechNet's Cyber Security Best Practices Campaign and a frequent speaker on best practices for information security and information technology.
TIM MATHER, Symantec's vice president and chief information security officer, is responsible for Symantec's information security program. Mather is a Certified Information Systems Security Professional and a Certified Information Systems Manager.
The authors' profits from this book will support a scholarship program for underprivileged students planning IT careers.
© Copyright Pearson Education. All rights reserved.
Foreword.
Preface.
1. The Information Security Challenge.
2. Information Security Overview.
3. Developing Your Information Security Program.
4. People.
5. Process.
6. Technology.
7. Information Security Roadmap.
8. View Into The Future.
9. Summary.
Appendix A. Security Evaluation Framework.
Appendix B. Information Security Web Sites.
Appendix C. Operational Security Standards.
Appendix D. Sample Security Job Descriptions.
Glossary.
Index.
The book provides a pragmatic approach to evaluating security at a company
and putting together an effective information security program. The book
focuses on three key themes; People, Processes, and Technology and is
organized according to the steps executives would follow in order to develop
an information security program for their company. Key elements of the
program include staffing this function at a company, putting the necessary
internal processes in place, and implementing the appropriate technology.
Business executives will find this book a good primer for understanding the key
existing and future security issues, and for taking the necessary action to ensure
the protection of their enterprise's information assets.
The objective of this book is to provide a short cut for executives to learn
more about information security and how it will affect their business in the
future. An overview of information security concepts is provided, so they can
be better prepared to evaluate how their company is addressing information
security.