Mission-Critical Security Planner: When Hackers Won't Take No for an Answer / Edition 1

Paperback (Print)
Buy New
Buy New from BN.com
$39.50
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 96%)
Other sellers (Paperback)
  • All (18) from $1.99   
  • New (8) from $7.74   
  • Used (10) from $1.99   

Overview

  • Shows step-by-step how to complete a customized security improvement plan, including analyzing needs, justifying budgets, and selecting technology, while dramatically reducing time and cost
  • Includes worksheets at every stage for creating a comprehensive security plan meaningful to management and technical staff
  • Uses practical risk management techniques to intelligently assess and manage the network security risks facing your organization
  • Presents the material in a witty and lively style, backed up by solid business planning methods
  • Companion Web site provides all worksheets and the security planning template
Read More Show Less

Editorial Reviews

From the Publisher
“…This book is unique in its approach…and in conveying the overall strategy to the reader…”(Managing Risk, Summer 2003)
Read More Show Less

Product Details

  • ISBN-13: 9780471211655
  • Publisher: Wiley
  • Publication date: 1/20/2003
  • Edition description: First Edition
  • Edition number: 1
  • Pages: 432
  • Product dimensions: 9.25 (w) x 7.50 (h) x 0.89 (d)

Meet the Author

Eric Greenberg is Chief Technical Officer and Co-Founder of NetFrameworks, Inc., a provider of professional security services. He was Group Security Product Manager for Netscape, where he led the rollout of a suite of groundbreaking security technologies, including the Secure Sockets layer (SSL) protocol. Previously, he was the Director of Engineering at Sprint International and Chief Operating Officer with Litronic.
Read More Show Less

Table of Contents

Introduction.

Chapter 1. Setting the Stage for Successful Security Planning.

Chapter 2. A Security Plan That Works.

Chapter 3. Using the Security Plan Worksheets: The Fundamentals.

Chapter 4. Using the Security Plan Worksheets: The Remaining Core and Wrap-up Elements.

Chapter 5. Strategic Security Planning with PKI.

Chapter 6. Ahead of the Hacker: Best Practices and a View of the Future.

For Further Reading.

Glossary.

Index.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted March 3, 2003

    Comprehensive & Practical Security Planner

    Greenberg advocates an actionable, meaningful security approach that doesn't get hung up on methodology or reliance on abstract standards, like DoD and other common standards. The book skewers bureaucracies that believe planning and methodology is an end in itself, yet recognizes key business realities facing security advocates and suggests practical approaches to "selling security" within an organization -- an important topic given tight or shrinking budgets. Greenberg is clearly a security guy and writes with experience and authority -- at times the style is conversational and humorous and at others professorial -- it is a good read for a security-focused text. While providing a strong overview of sound security planning and risk management concepts, MCSP also digs down and provides details where it counts regarding filters, proxies, IDS/VA, configuration management, content management (ActiveX, etc), and so forth yet consistently presents this low-level detail within the framework of an actionable security planning methodology that will be relevant five or even ten years from now. MCSP is anything but a security cookbook of technology discussions gleaned from public sources, although many basic concepts and topics are explained in the book's comprehensive glossary. Instead, the book presents the strengths and weaknesses of various technologies and approaches as they relate to the security improvement process. MCSP utilizes a sequence of sophisticated worksheets to guide the reader through the security planning process and create a dynamic, actionable security plan -- not a plan that lives on the shelf. Using Greenberg's approach there are three components to the Security Plan: Security Stack (physical, network, application, OS), Life-Cycle Stack (technology selection, implementation, operations, incident response), and Business (information, infrastructure, people). Interestingly, you may have noticed that the Security Stack is similar to the OSI model -- this is typical of the rational and logical approach throughout the book. Using the worksheet approach as a guide, the Security Plan is mapped to 28 pre-defined security elements addressing the core security planning challenges of a distributed computing environment. Based on the worksheets, the impact analysis method approach provides a readily understandable plan that reflects the specific business, technical, and lifecycle tradeoffs in your organization. Greenberg keeps it interesting with many anecdotes illustrating key points and thought-provoking arguments. For example, he advocates an approach that will hold vendors accountable for poor security by providing a quantifiable method for business software users to track security. The final chapter covers strategic security planning with PKI and provides a roadmap for selling an organization on the benefits of PKI when appropriate. MCSP is an innovative and useful security book. The book provides security staffers and planners with the logical framework and tools they need to create a comprehensive, living, and actionable security plan enabling the organization to shift from a reactive security posture to a more pro-active approach. Highly recommended.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)