BN.com Gift Guide

Managing Risk and Information Security: Protect to Enable [NOOK Book]

Overview



Managing Risk and Information Security: Protect to Enable, an ApressOpen title, describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the ...

See more details below
Managing Risk and Information Security: Protect to Enable

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
FREE

Overview



Managing Risk and Information Security: Protect to Enable, an ApressOpen title, describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies—such as social media and the huge proliferation of Internet-enabled devices—while minimizing risk.









With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community.







Here are some of the responses from reviewers of this exceptional work:









“Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context.  Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies.   The book contains eye-opening security insights that are easily understood, even by the curious layman.”









Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel    









“As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities.”









Laura Robinson, Principal, Robinson Insight





Chair, Security for Business Innovation Council (SBIC)





Program Director, Executive Security Action Forum (ESAF)









“The mandate of the information security function is being completely rewritten. Unfortunately most heads of security haven’t picked up on the change, impeding their companies’ agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come.”









Dr. Jeremy Bergsman, Practice Manager, CEB    









“The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing – and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be. We are attacked by professional adversaries who are better funded than we will ever be. We in the information security profession must change as dramatically as the environment we protect. We need new skills and new strategies to do our jobs effectively. We literally need to change the way we think.  









Written by one of the best in the business, Managing Risk and Information Security challenges traditional security theory with clear examples of the need for change. It also provides expert advice on how to dramatically increase the success of your security strategy and methods – from dealing with the misperception of risk to how to become a Z-shaped CISO.  









Managing Risk and Information Security
is the ultimate treatise on how to deliver effective security to the world we live in for the next 10 years. It is absolute must reading for anyone in our profession – and should be on the desk of every CISO in the world.”  









Dave Cullinane, CISSP





CEO Security Starfish, LLC









“In this overview, Malcolm Harkins delivers an insightful survey of the trends, threats, and tactics shaping information risk and security. From regulatory compliance to psychology to the changing threat context, this work provides a compelling introduction to an important topic and trains helpful attention on the effects of changing technology and management practices.”









Dr. Mariano-Florentino Cuéllar Professor, Stanford Law School





Co-Director, Stanford Center for International Security and Cooperation (CISAC), Stanford University    









“Malcolm Harkins gets it. In his new book Malcolm outlines the major forces changing the information security risk landscape from a big picture perspective, and then goes on to offer effective methods of managing that risk from a practitioner's viewpoint. The combination makes this book unique and a must read for anyone interested in IT risk."









Dennis Devlin AVP, Information Security and Compliance, The George Washington University   









“Managing Risk and Information Security is the first-to-read, must-read book on information security for C-Suite executives.  It is accessible, understandable and actionable. No sky-is-falling scare tactics, no techno-babble – just straight talk about a critically important subject. There is no better primer on the economics, ergonomics and psycho-behaviourals of security than this.”









Thornton May, Futurist, Executive Director & Dean, IT Leadership Academy    









“Managing Risk and Information Security is a wake-up call for information security executives and a ray of light for business leaders.  It equips organizations with the knowledge required to transform their security programs from a “culture of no” to one focused on agility, value and competitiveness. Unlike other publications, Malcolm provides clear and immediately applicable solutions to optimally balance the frequently opposing needs of risk reduction and business growth. This book should be required reading for anyone currently serving in, or seeking to achieve, the role of Chief Information Security Officer.”









Jamil Farshchi, Senior Business Leader of Strategic Planning and Initiatives, VISA    









“For too many years, business and security – either real or imagined – were at odds. In Managing Risk and Information Security: Protect to Enable, you get what you expect – real life practical ways to break logjams, have security actually enable business, and marries security architecture and business architecture. Why this book?  It's written by a practitioner, and not just any practitioner, one of the leading minds in Security today.”









John Stewart, Chief Security Officer, Cisco    









“This book is an invaluable guide to help security professionals address risk in new ways in this alarmingly fast changing environment. Packed with examples which makes it a pleasure to read, the book captures practical ways a forward thinking CISO can turn information security into a competitive advantage for their business.   









This book provides a new framework for managing risk in an entertaining and thought provoking way. This will change the way security professionals work with their business leaders, and help get products to market faster.  









The 6 irrefutable laws of information security should be on a stone plaque on the desk of every security professional.”









Steven Proctor, VP, Audit & Risk Management, Flextronics



What you’ll learn


  • The book describes, at a management level, the evolving enterprise security landscape


  • It provides guidance for a management-level audience about how to manage and survive risk




Who this book is for


The target audience is comprised of CIOs and other IT leaders, CISOs and other information security leaders, IT auditors, and other leaders of corporate governance and risk functions. However, it offers wide appeal to those in the risk management and security industries.











Table of Contents1: Introduction: Protect to Enable









2: Misperception of Risk









3: Security Governance and Creating Strong Internal Partnerships









4: External Partnerships









5: People are the Perimeter









6: Emerging Capabilities and Usage Models









7: Emerging Threats and Vulnerabilities









8: A New Security Model









9: The 21st Century CISO









10. References





















Read More Show Less

Product Details

  • ISBN-13: 9781430251149
  • Publisher: Apress
  • Publication date: 12/15/2012
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 1
  • Pages: 152
  • Sales rank: 98,953
  • File size: 2 MB

Meet the Author

Malcolm Harkins is vice president and Chief Security and Privacy Officer (CSPO) at Intel Corporation. In this role Malcolm is responsible for managing the risk, controls, privacy, security, and other related compliance activities for all of Intel s information assets, products and services.

Before becoming Intel s first CSPO he was the Chief Information Security Officer (CISO) reporting into the Chief Information Officer. Malcolm also held roles in finance, procurement and various business operations. He has managed IT benchmarking efforts and Sarbanes Oxley systems compliance efforts. Harkins acted as the profit and loss manager for the Flash Product Group at Intel; was the general manager of Enterprise Capabilities, responsible for the delivery and support of Intel s finance and HR systems; and worked in an Intel business venture focusing on e-commerce hosting.

Malcolm previously taught at the CIO institute at the UCLA Anderson School of Business and was an adjunct faculty member at Susquehanna University in 2009. In 2010, he received the excellence in the field of security award at the RSA conference. He was recognized by Computerworld magazine as one of the top 100 Information Technology Leaders for 2012. In addition, (ISC)2 recognized Malcolm in 2012 with the Information Security Leadership Award. Malcolm is a frequent speaker at industry events, he is also an author of many white papers.

Malcolm received his bachelor s degree in economics from the University of California at Irvine and an MBA in finance and accounting from the University of California at Davis.

Read More Show Less

Customer Reviews

Average Rating 4
( 2 )
Rating Distribution

5 Star

(0)

4 Star

(2)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 2 Customer Reviews
  • Anonymous

    Posted October 6, 2013

    No text was provided for this review.

  • Anonymous

    Posted April 29, 2014

    No text was provided for this review.

Sort by: Showing all of 2 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)