Management of Information Security offers a fresh, timely perspective on the growing field of Information Security. Designed specifically for students of Information Security Management, this text covers the administration of information security and provides an overview of common management issues. Topics such as Policy, Risk Management, and Security are covered in depth, and are supported by unique pedagogy such as Viewpoints, Threat Management Boxes, and a fictional scenario that runs through the entire text.
Product dimensions: 7.30 (w) x 9.10 (h) x 1.10 (d)
Meet the Author
Michael Whitman, Ph.D., CISM, CISSP, is a professor of information systems and security in the CSIS department at Kennesaw State University, where he also serves as director of the KSU Center for Information Security Education and coordinator for the Bachelor of Science in Information Security and Assurance program. Dr. Whitman is an active researcher in information security, fair and responsible use policies, ethical computing, and information systems research methods. He currently teaches graduate and undergraduate courses in information security and data communications and is an active member of the Computer Security Institute, the Information Systems Security Association, the Georgia Electronic Commerce Association's Information Security Working Group, the Association for Computing Machinery, and the Association for Information Systems. Dr. Whitman has published articles in the industry's top journals and co-authored a number of books in the field published by Course Technology.
Herbert Mattord, M.B.A., CISM, CISSP, gained 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University in 2002. During his career as an IT practitioner, Mattord served as manager of corporate information technology security at Georgia-Pacific Corporation, where he acquired much of the practical knowledge presented in this textbook. He currently teaches undergraduate courses in information security, data communications, local area networks, database technology, project management, and systems analysis and design. Mattord also serves as coordinator for the Bachelor of Business Administration and Certificate in Information Security and Assurance programs, as well as operations manager of the KSU Center for Information Security Education and Awareness. Mattord is the co-author of several books published by Course Technology and is an active researcher in information security management topics.
Table of Contents
UNIT I: INTRODUCTION. 1: Introduction to Management of Information Security.
UNIT II: PLANNING. 2: Planning for Security. 3: Planning for Contingencies.
UNIT III: POLICY AND PROGRAMS. 4: Security Policy. 5: Developing Security Programs. 6: Security Management Models. 7: Security Management Practices.
UNIT IV: PROTECTION. 8: Risk Assessment. 9: Controlling Risk. 10: Protection Mechanisms.
UNIT V: PEOPLE. 11: Personnel and Security. 12: Law and Ethics.
Appendix A: NIST SP 800-26, Security Self-Assessment Guide for Information Technology Systems and ISO 27002 Questionnaire.
Appendix B: Risk Management Models.