Cantitate/Preț
Produs

Managing Risk and Information Security: Protect to Enable

Autor Malcolm W. Harkins
en Limba Engleză Paperback – 11 aug 2016
Examine the evolving enterprise security landscape and discover how to manage and survive risk. While based primarily on the author’s experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies and provides guidance for a management-level audience.
Managing Risk and Information Security provides thought leadership in the increasingly important area of enterprise information risk and security. It describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology not only for internal operations but increasing as a part of product or service creation, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk.
This edition discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities and offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies—such as social media and the huge proliferation of Internet-enabled devices—while minimizing risk.
What You'll Learn
  • Review how people perceive risk and the effects it has on information security
  • See why different perceptions of risk within an organization matters
  • Understand and reconcile these differing risk views
  • Gain insights into how to safely enable the use of new technologies
Who This Book Is For
The primary audience is CIOs and other IT leaders, CISOs and other information security leaders, IT auditors, and other leaders of corporate governance and risk functions. The secondary audience is CEOs, board members, privacy professionals, and less senior-level information security and risk professionals.
"Harkins’ logical, methodical approach as a CISO to solving the most complex cybersecurity problems is reflected in the lucid style of this book. His enlightened approach to intelligence-based security infrastructure and risk mitigation is our best path forward if we are ever to realize the vast potential of the innovative digital world we are creating while reducing the threats to manageable levels. The author shines a light on that path in a comprehensive yet very readable way." —Art Coviello, Former CEO and Executive Chairman, RSA

  




Citește tot Restrânge

Preț: 23397 lei

Preț vechi: 29247 lei
-20% Nou

Puncte Express: 351

Preț estimativ în valută:
4478 4651$ 3719£

Carte tipărită la comandă

Livrare economică 03-17 februarie 25

Preluare comenzi: 021 569.72.76

Specificații

ISBN-13: 9781484214565
ISBN-10: 1484214560
Pagini: 160
Ilustrații: XXVII, 187 p. 20 illus. in color.
Dimensiuni: 155 x 235 x 16 mm
Greutate: 0.31 kg
Ediția:2nd ed.
Editura: Apress
Colecția Apress
Locul publicării:Berkeley, CA, United States

Public țintă

Popular/general

Cuprins

Chapter 1 Introduction.- Chapter 2 Misperception of Risk.- Chapter 3 Governance and Internal Partnerships.- Chapter 4 External Partnerships.- Chapter 5 People Are the Perimeter.- Chapter 6 Emerging Capabilities and Usage Models.- Chapter 7 A New Security Architecture to Improve Business Agility.- Chapter 8 Looking to the Future.- Chapter 9 Corporate Social Responsibility.- Chapter 10 The 21st Century CISO.- Chapter 11 Performance Coaching.- Appendix A: References.




     

Recenzii

“Harkins provides a good, high-level overview of the security landscape and describes an approach that can be used by an enterprise to manage information risk and security in an environment of rapidly changing and evolving threats. The book is well supported with diagrams and has a detailed table of contents and a thorough list of references as an appendix. … it is quite readable and offers management guidance based on Harkins’ experience.” (Scott Moody, Computing Reviews, May, 2017) 

Notă biografică

Malcolm Harkins is the Global Chief Information Security Officer (CISO) at Cylance Corporation. In this role he is responsible for all aspects of information risk and security, security and privacy policy, and for peer outreach activities to drive improvement across the world in the understanding of cyber risks and best practices to manage and mitigate those risks. 
Previously Malcolm was Vice President and Chief Security and Privacy Officer (CSPO) at Intel Corporation. In that role Malcolm was responsible for managing the risk, controls, privacy, security, and other related compliance activities for all of Intel’s information assets, products and services. 
Before becoming Intel’s first CSPO he was the Chief Information Security Officer (CISO) reporting into the Chief Information Officer. Malcolm also held roles in Finance, Procurement and various business operations. He has managed IT benchmarking efforts and Sarbanes Oxley systems compliance efforts. Harkins acted as the profit and loss manager for the Flash Product Group at Intel; was the general manager of Enterprise Capabilities, responsible for the delivery and support of Intel’s Finance and HR systems; and worked in an Intel business venture focusing on e-commerce hosting.
Malcolm previously taught at the CIO institute at the UCLA Anderson School of Business and was an adjunct faculty member at Susquehanna University in 2009. In 2010, he received the excellence in the field of security award at the RSA conference. He was recognized by Computerworld magazine as one of the top 100 Information Technology Leaders for 2012. (ISC)2 recognized Malcolm in 2012 with the Information Security Leadership Award. In September of 2013 Malcolm was recognized as one of the top 10 breakaway security leaders at the Global CISO executive summit. In addition, in November of 2015 he received the Security Advisor Alliance Excellence in Innovation Award. He is a Fellow with the Institute for Critical Infrastructure Technology, a non-partisan think-tank providing objective advice on cybersecurity to the House, Senate, and a variety of federal agencies. Malcolm is a sought after speaker for industry events, he is also an author of many white papers, and in December 2012 he published his first book titled Managing Risk and Information Security, Protect to Enable. He also is a contributing author to a book titled Introduction to IT Privacy, a Handbook for Technologists a publication from the International Association of Privacy Professionals that was published in March 2014. 
Malcolm received his bachelor’s degree in economics from the University of California at Irvine and an MBA in finance and accounting from the University of California at Davis.



Caracteristici

Discusses how enterprise risk and security requirements are changing, and why a new approach to risk and security management is needed Covers the principles of enterprise information security governance Shows the impact of new technologies on information security