Information Security A Practical Guide - Bridging the gap between IT and management

SKU: 4575

Authors: Tom Mooney
Publishers: ITGP

Format: PDF
ISBN13: 9781849287418
Pages: 116
Published: 30 Jun 2015
Availability: Always Available

Format: ePub
ISBN13: 9781849287425
Pages: 116
Published: 30 Jun 2015
Availability: Always Available

Provides an overview of basic information security practices that will enable your security team to better engage with their peers to address the threats facing the organization as a whole.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our training sales team on +1 877 317 3454.

Options:

PDF

ePub

Price: $37.99

Product overview
About the author

Overview

How do you engage with your peers when they think you’re there to stop them working?

Corporate information security is often hindered by a lack of adequate communication between the security team and the rest of the organization. Information security affects the whole company and is a responsibility shared by all staff, so failing to obtain wider acceptance can endanger the security of the entire organization. Many consider information security a block, not a benefit, however, and view security professionals with suspicion if not outright hostility. As a security professional, how can you get broader buy-in from your colleagues?

Information Security: A Practical Guide addresses that issue by providing an overview of basic information security practices that will enable your security team to better engage with their peers to address the threats facing the organization as a whole.

Product overview

Covering everything from your first day at work as an information security professional to developing and implementing enterprise-wide information security processes, Information Security: A Practical Guide explains the basics of information security and how to explain them to management and others so that security risks can be appropriately addressed.

Topics covered include:

How to understand the security culture of the organization
Getting to know the organization and building relationships with key personnel
How to identify gaps in the organization’s security set-up
The impact of compromise on the organization
Identifying, categorizing and prioritizing risks
The five levels of risk appetite and how to apply risk treatments via security controls

How to raise security awareness and engage with specific peer groups
Understanding the threats facing your organization and how to communicate them
System mapping and documentation (including control boundaries and where risks exist)
The importance of conducting regular penetration testing and what to do with the results
Information security policies and processes
A standards-based approach to information security

If you’re starting a new job as an information security professional, Information Security: A Practical Guide contains all you need to know.

About the author

Tom Mooney

Tom Mooney has over ten years’ IT experience working with sensitive information. His current role is as a security risk advisor for the UK Government, where he works with project teams and the wider organization to deliver key business systems securely. His key responsibility is to act as an intermediary between management and IT teams to ensure appropriate security controls are put in place. His extensive experience has led him to develop many skills and techniques to converse with people who are not technical or information security experts. Many of these skills and techniques are found in this book.

He has a BSc (Hons) in information and computer security and is also a CESG certified professional.

Customer reviews

Please login to your account to leave a review.