Ebook Download Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security)
Find your very own page to be adapted what your requirement is. However, remember. It is a fantastic publication. You can find it as one of one of the most advised publication in this day. When you have actually discovered and also got it, don't just take for the certain page. All pages worry about valuable as well as vital information. It will affect you how to get the most effective thing while reading.
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security)
Ebook Download Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security)
Why you should read everyday when you have spare time? Have you figured out the exact reasons of you to review? Many are trying to have analysis behavior for their better future, yet as a matter of fact, it can be fallen short. Just what's wrong? Is the analysis habit a culture, actually behavior, necessity, or something others? If you actually wish to know the number of people aim to inspire themselves to have reading routine, you an also be influenced of it.
If you ally require such a referred Enterprise Security For The Executive: Setting The Tone From The Top (PSI Business Security) book that will provide you value, get the best vendor from us now from several popular publishers. If you wish to entertaining publications, many stories, story, jokes, and much more fictions compilations are likewise released, from best seller to one of the most current launched. You might not be perplexed to enjoy all book collections Enterprise Security For The Executive: Setting The Tone From The Top (PSI Business Security) that we will provide. It is not regarding the prices. It has to do with just what you require currently. This Enterprise Security For The Executive: Setting The Tone From The Top (PSI Business Security), as one of the very best vendors right here will be among the right selections to review.
Reviewing as understand will certainly always provide you brand-new thing. It will distinguish you with others. You have to be better after reading this publication. If you feel that it's very good book, tell to others. Enterprise Security For The Executive: Setting The Tone From The Top (PSI Business Security) as one of the most wanted publications ends up being the next factor of why it is picked. Also this publication is basic one; you can take it as recommendation.
In offering the information, we also reveal various other book collections. We realize that nowadays many individuals like reading so much. So, finding hundreds of guides below in this on-line book is very simple. Searching and also surfing can be done anywhere you are. It is the method you use the contemporary innovation as web link to link to this website. From this situation, we're actually sure that everyone needs are covered in some books, the certain publications based on the topics as well as demands. As the Enterprise Security For The Executive: Setting The Tone From The Top (PSI Business Security) that is now preventative.
Review
"The one true power of the executive is the power to appoint. The one true measure of the executive is what did not happen on their watch. These truths are rarely acknowledged, and uncommonly understood. Jennifer Bayuk understands them as she has lived them, and she has lived them because she understands. She does not write for everyone; perhaps she writes for you.' " (Dan Geer, Chief Information Security Officer, In-Q-Tel)"This book is an excellent read of the practical aspects of building, marketing and maintaining an effective security program, within a business enterprise. It tells it like it is, including how to deal with corporate culture.'" (Dan Schutzer, Executive Director, Financial Services Technology Consortium)"Jennifer Bayuk is one of the savviest security professionals in the field today, and so it is no surprise that Enterprise Security for the Executive is an important contribution. It addresses the most challenging and pressing information security issue: the lack of practical experience and institutional memory at the C-level and in the Board Room. Put this book in the hands of a responsible executive, and you have something more formidable than the most sophisticated authentication system or the most powerful crypto -- someone who can make a mandate meaningful and a plan pervasive." (Richard Power, Distinguished Fellow, Carnegie Mellon CyLab)"Enterprise Security for the Executive is a refreshing approach to the realities of what is really needed in the executive ranks to facilitate and drive results around improving your security posture and minimizing your risk exposures. Bayuk provides proven insights around the cultural and political minefields one needs to navigate as you build consensus to drive change across the enterprise. Tone at the top is the motivator in the business world cultural environment. Without it you will struggle to reach meaningful goals and at best will effectuate departmental or perhaps divisional improvements in your profile. This is a must read for anyone who is trying to learn more effective ways to get the ‘people and process' side of the equation right before they consider technology." (Robert F. Gleason, Director Strategic Relations, Ernst & Young LLP)"One of the challenges that we have found over the years is translating 'security speak' into clear business terms and articulating the return on security investment (ROSI). Jennifer, based on a successful career in Information Security, explains the successful way to accomplish this difficult mission. A must read for security and non security professionals." (Prof. Howard A. Schmidt, President & CEO, Information Security Forum, National Cyber Adviser to President Obama)"Jennifer's book will prove invaluable to anyone concerned with improving security!' " (Ed Amoroso, Chief Security Officer, AT&T, author of CyberSecurity, Intrusion Detection, and Fundamentals of Computer Security)"Author Jennifer Bayuk, a well-known thought leader among information security professionals, masterfully draws from her broad experience to guide readers easily through the complexities of security governance." (Warren Axelrod, former Chief Information Security Officer, author of Outsourcing Information Security, and editor, Enterprise Security and Privacy ,)"Enterprise Security for the Executive is a fantastic book. It provides a no-nonsense approach to attaining effective information security. For those executives that are serious about security, the book will be their guiding light down the dark information security tunnel. In its 8 chapters (and a case study), the book focuses on a straightforward and plain-speaking approach to enable CxO's to get a handle on information security. As such, it is hoped that Enterprise Security for the Executive will soon find its way onto every executives required reading list." (Ben Rothke, CISSP, PCI QSASenior Security ConsultantBT Global Services)
Read more
About the Author
Jennifer L. Bayuk is an independent consultant and adjunct professor at Stevens Institute of Technology in Hoboken, NJ.
Read more
Product details
Series: PSI Business Security
Hardcover: 163 pages
Publisher: Praeger (November 25, 2009)
Language: English
ISBN-10: 0313376603
ISBN-13: 978-0313376603
Product Dimensions:
6.1 x 0.4 x 9.2 inches
Shipping Weight: 15.2 ounces (View shipping rates and policies)
Average Customer Review:
3.1 out of 5 stars
3 customer reviews
Amazon Best Sellers Rank:
#2,927,150 in Books (See Top 100 in Books)
Today's corporations must do everything possible to protect and secure our customer's information. Start with "buy-in" from the top or it will be a losing battle and utimately you'll lose customer confidence. Must read for information security professionals.
If Shakespeare were to write an information security tragedy, it would not be titled Hamlet, rather Bayuk. The story of Jennifer Bayuk is tragic in that she spent a decade as CISO at Bear, Stearns, building up its security group to be one of the best in the business; only to find it vaporized when the firm collapsed and was acquired by J.P. Morgan Clearing Corp. After all that toil and sweat, Bayuk was out of a job. (Full disclosure: Bayuk and I have given a presentation together in the past, and I did get a copy of this book for free.)While the information security engineering group that was at Bear, Stearns is no more, Bayuk has taken her vast expertise and put it in a great new book: Enterprise Security for the Executive: Setting the Tone from the Top. While many other books equate security with technology, and are written for technologists; Bayuk writes that information security is all about management control. And to the extent which a CxO controls assets, is the extent to which others can't use them in unexpected ways.The book is written to help CxO's and business executives become familiar with information security concepts and techniques to make sure they are able to manage and support the efforts of their security team. This is an issue, as a big problem for the poor state of information security is that CxO's are far too often disconnected from their information security groups. No story is more manifest than that of when Heartland Payment Systems CEO Robert Carr blamed his PCI auditors for his firm's security problems. Carr is a perfect example of the type of person that needs to read this book. As an aside, for an excellent reply to Carr's kvetching, read what Rich Mogull wrote in An Open Letter to Robert Carr, CEO of Heartland Payment Systems.While many CxO's think that security is about firewalls and other cool security products, it is truly a top-down management approach, and not a technology one. The book notes that the only way for information security to succeed in an organization is when management understands what their role is.What is unique about the book is that Bayuk uses what she calls SHS (security horror stories). Rather than typical FUD stories, the horror stories detail systematic security problems and how they could have been obviated. By seeing how these companies have done it wrong, it makes it easier for pragmatic organizations to accomplish effective security by setting a strong tone from the top down.Bayuk details the overall problem in the introduction and notes that many CxO's have wrongly spent significant amounts of money on security to avert security incidents; but have done that without any context of a greater information security methodology. The leads to executives thinking that security as nothing more than one long spending pattern.Chapter 1 - Tone at The Top, notes that tone exists at the top, whether it is set or not. The tone is reflected in how an organization thinks about the things it really cares about. Employees can tell how a CxO cares about security by their level of personal involvement. Not that a CxO needs to be, or should be involved with minutia of firewall configuration or system administration; the key is rather that they are for example, championing the effective and consistent use of firewalls and how systems are securely administered.In chapter 5 - Security through Matrix Management - Bayuk does a good job of detailing the various places that the security group can be placed in an organization. The chapter notes that there are as many ways to organize security as there are organization structures. Bayuk writes for example that if CxO's in a given organization are a tight-knit group, accustomed to close coordination, then it should not matter to which CxO the person managing information security reports to. If that is not the case, there may be multiple security programs that end up far too below the required C-levels that are needed for effective security. The chapter provides a number of different organizational scenarios, with requisite roles and responsibilities.Chapter 5 closes with an important observation that a CxO should task the human resources department to put a line in all performance reviews whereby managers attest (or not) that the person being reviewed follows security policy. A CxO should fire people who willfully avoid compliance with security policy. Whatever tone at the top exists should be employed to make sure that everyone knows that the CxO is serious about the corporate security program. Such a tone clearly demonstrates an organization that is resolute about information security.One thing that Bayuk does very well repeatedly throughout the book is to succinctly identify an issue and its cause. In chapter 6 - Navigating the Regulatory Landscape - she writes that if a CxO does not have management control over an organization, then the organization will fail the audit. It will fail because even if the organization is secure today, there is no assurance that it will be going forward. In addition, control means that the CxO will ensure that the organization is attempting to do the right thing. And in such cases, passing an audit is much easier.Overall, Enterprise Security for the Executive is a fantastic book. It provides a no-nonsense approach to attaining effective information security. For those executives that are serious about security, the book will be their guiding light down the dark information security tunnel. In its 8 chapters (and a case study), the book focuses on a straightforward and plain-speaking approach to enable CxO's to get a handle on information security. As such, it is hoped that Enterprise Security for the Executive will soon find its way onto every executive's required reading list.
Out of date. Does not reflect current state of the art.
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) PDF
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) EPub
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) Doc
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) iBooks
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) rtf
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) Mobipocket
Enterprise Security for the Executive: Setting the Tone from the Top (PSI Business Security) Kindle
0 komentar:
Posting Komentar