World events - including political unrest, recent financial debacles, regulatory changes, economic swings, privacy concerns, and security breaches - have raised the awareness of information security and IT risk assurance in the executive ranks. Enterprise security - encompassing the disciplines of traditional IT/Internet security, risk management, and privacy governance - has one simple mission: protecting corporate information assets.
Enterprise security leaders are expected to fully understand the organization`s business strategy as well as its political and legal environment. To be successful, security professionals must combine strategic skills (such as the ability to develop and implement policies and programs to control risk) with highly tactical and technical skills like those involved in IT security deployment strategies (e.g., access control, firewalls, antivirus software, intrusion detection, forensics).
The Enterprise Security Desk Reference is the only reference guide of its kind designed for CIOs, CSOs, and security and risk management executives. It explains the fundamental role and implications of an enterprise security executive function within the organization and how to best structure an enterprise security program that integrates the disciplines of security, risk management, and privacy governance. The guide details the skill sets that will be key to success during 2003-05, bringing together security, risk management, and privacy core competencies as they relate to IT. The guide details a comprehensive approach for creating and implementing an enterprise security program and outlines the techniques, best practices, models, and templates to help accelerate implementation.
This latest desk reference covers:
* Secure enterprises: Defining the role of enterprise security; integrating security, privacy, and risk management; enterprise security and IT portfolio management
* Development of an enterprise security program: Building a security center of excellence; the enterprise security game plan; requirements, priorities; projects
* Risk management (RM): RM strategies; risk assessment; RM tools and techniques
* Privacy: Fundamentals of privacy; privacy and e-business (including consumer privacy); privacy within the organization
* Technology solutions and best practices for enterprise security: Technology overview and trends; incident response; developing an enterprise security policy; governance; marketing and funding the enterprise security program; configuration and risk management
*Industry-specific insights (e.g., government, healthcare)
Share
Editorial contacts