Free Best A Practical Guide to Managing Information Security (Artech House Technology Management Library)Author Steve Purser – Schematicwiringdiagram.co

Steve focuses on providing practical guidance for the IT security professional He not only focuses on the security elements of deploying and managing IT security initiatives but he also describes the crucial management aspects of it as well Written by a security practioner for security practioners, this book is a must read for anyone seriously engaged in the field. This groundbreaking book helps you master the management of information security, concentrating on the recognition and resolution of the practical issues of developing and implementing It security for the enterprise Drawing upon the authors wealth of valuable experience in high risk commercial environments, the work focuses on the need to align the information security process as a whole with the requirements of the modern enterprise, which involves empowering business managers to manage information security related risk Throughout, the book places emphasis on the use of simple, pragmatic risk management as a tool for decision making The first book to cover the strategic issues of It security, it helps you to understand the difference betweentheoretical treatments of information security and operational reality learn how information security risk can be measured and subsequently managed define and execute an information security strategy design and implement a security architecture and ensure that limited resources are used optimally Illustrated by practical examples, this topical volume reveals the current problem areas in It security deployment and management Moreover, it offers guidelines for writing scalable and flexible procedures for developing an It security strategy and monitoring its implementation You discover an approach for reducing complexity and risk, and find tips for building a successful team and managing communications issues within the organization This essential resource provides practical insight into contradictions in the current approach to securing enterprise wide It infrastructures, recognizes the need to continually challenge dated concepts, demonstrates the necessity of using appropriate risk management techniques, and evaluates whether or not a given risk is acceptable in pursuit of future business opportunities. This book is a good resource for security professionals It provides a broad review of Information Security management techniques and describes some of the controls, mainly technical controls The fictitious case study is useful because it illustrates the way decisions are often made in real life and provides examples of the kind of trade offs that are often necessary This is definitively not an IT Security encyclopedia However the main areas of IT Security are covered without making a decision on behalf of the reader. Excellent This book strikes exactly the right balance between providing real life, pragmatic guidance in the management of information security, and at the same time provides sufficient technical and operational depth to the subject matter overall The book is well structured and very clear, and provides a coherent approach to addressing strategic and tactical information security issues Security technologies, policies, procedures and processes are clearly explained and practically demonstrated but the greatest benefit of this book is that it sets risk and security in the context of a functioning organisation in this case a bank and provides answers to the concerns of senior management, technical staff and business managers in a way that supports, not hinders, the organisation Highly recommended reading. Excellent This book strikes exactly the right balance between providing real life, pragmatic guidance in the management of information security, and at the same time provides sufficient technical and operational depth to the subject matter overall The book is well structured and very clear, and provides a coherent approach to addressing strategic and tactical information security issues Security technologies, policies, procedures and processes are clearly explained and practically demonstrated but the greatest benefit of this book is that it sets risk and security in the context of a functioning organisation in this case a bank and provides answers to the concerns of senior management, technical staff and business managers in a way that supports, not hinders, the organisation Highly recommended reading.