Building a Comprehensive IT Security Program: Practical Guidelines and Best Practices
- Length: 195 pages
- Edition: 1st ed.
- Language: English
- Publisher: Apress
- Publication Date: 2016-07-28
- ISBN-10: 1484220528
- ISBN-13: 9781484220528
- Sales Rank: #2278184 (See Top 100 Books)
This book explains the ongoing war between private business and cyber criminals, state-sponsored attackers, terrorists, and hacktivist groups. Further, it explores the risks posed by trusted employees that put critical information at risk through malice, negligence, or simply making a mistake. It clarifies the historical context of the current situation as it relates to cybersecurity, the challenges facing private business, and the fundamental changes organizations can make to better protect themselves. The problems we face are difficult, but they are not hopeless.
Cybercrime continues to grow at an astounding rate. With constant coverage of cyber-attacks in the media, there is no shortage of awareness of increasing threats. Budgets have increased and executives are implementing stronger defenses. Nonetheless, breaches continue to increase in frequency and scope.
Building a Comprehensive IT Security Program shares why organizations continue to fail to secure their critical information assets and explains the internal and external adversaries facing organizations today. This book supplies the necessary knowledge and skills to protect organizations better in the future by implementing a comprehensive approach to security.
Jeremy Wittkop’s security expertise and critical experience provides insights into topics such as:
- Who is attempting to steal information and why?
- What are critical information assets?
- How are effective programs built?
- How is stolen information capitalized?
- How do we shift the paradigm to better protect our organizations?
- How we can make the cyber world safer for everyone to do business?
Table of Contents
Chapter 1: The Problem We Are Facing
Chapter 2: Protecting Critical Assets
Chapter 3: Monetizing Risk
Chapter 4: Security Intelligence Model
Chapter 5: Incident Response Planning
Chapter 6: The People Problem
Chapter 7: Assigning Accountability
Chapter 8: Shifting the Paradigm
Chapter 9: The Definition of Insanity
Chapter 10: Deja Vu
Chapter 11: The Information Security Community
Chapter 12: Partnering with Governments