Risk Management for Computer Security: Protecting Your Network & Information Assets

Paperback (Print)
Buy New
Buy New from BN.com
$49.85
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 96%)
Other sellers (Paperback)
  • All (11) from $1.99   
  • New (4) from $33.82   
  • Used (7) from $1.99   

Overview

The information systems security (InfoSec) profession remains one of the fastest growing professions in the world today. With the advent of the Internet and its use as a method of conducting business, even more emphasis is being placed on InfoSec. However, there is an expanded field of threats that must be addressed by today's InfoSec and information assurance (IA) professionals.
Operating within a global business environment with elements of a virtual workforce can create problems not experienced in the past. How do you assess the risk to the organization when information can be accessed, remotely, by employees in the field or while they are traveling internationally? How do you assess the risk to employees who are not working on company premises and are often thousands of miles from the office? How do you assess the risk to your organization and its assets when you have offices or facilities in a nation whose government may be supporting the theft of the corporate "crown jewels" in order to assist their own nationally owned or supported corporations? If your risk assessment and management program is to be effective, then these issues must be assessed.
Personnel involved in the risk assessment and management process face a much more complex environment today than they have ever encountered before.
This book covers more than just the fundamental elements that make up a good risk program. It provides an integrated "how to" approach to implementing a corporate program, complete with tested methods and processes; flowcharts; and checklists that can be used by the reader and immediately implemented into a computer and overall corporate security program. The challenges are many and this book will help professionals in meeting their challenges as we progress through the 21st Century.

*Presents material in an engaging, easy-to-follow manner that will appeal to both advanced INFOSEC career professionals and network administrators entering the information security profession
*Addresses the needs of both the individuals who are new to the subject as well as of experienced professionals
*Provides insight into the factors that need to be considered & fully explains the numerous methods, processes & procedures of risk management

Read More Show Less

Product Details

  • ISBN-13: 9780750677950
  • Publisher: Elsevier Science
  • Publication date: 3/29/2005
  • Edition description: New Edition
  • Pages: 296
  • Product dimensions: 0.62 (w) x 6.00 (h) x 9.00 (d)

Meet the Author

Andy Jones is an experienced Military Intelligence Analyst and Information Technology Security specialist. He has had considerable experience in the analysis of Intelligence material in Strategic, Tactical and Counter-Insurgency operations and a wide range of Information systems management experience. In addition, he has considerable experience in the security of Information Technology systems, having been responsible for the implementation of Information Technology security within all areas of the British Army and in some joint service organizations. He has directed both Intelligence and Security operations and briefed the results at the highest level. He was awarded the MBE for his work during his service in Northern Ireland and has gained an Open University Bachelor of Science degree in mathematics and technology and a Masters degree in Information Security and Computer Crime from the University of Glamorgan. After completing 25 years service with the British Army’s Intelligence Corps, he moved into the area of defense research and was employed as the manager of a group of 80 research scientists and as a researcher and analyst in the area of Information Security. He has also had experience as a project manager within defense research for the security aspects of a number of large projects and has gained considerable expertise on the criminal and terrorist aspects of Information Security. He has undertaken a range of research into a number of aspects of Information warfare and the threats to information systems. 1n 2002 he co-authored a book on information warfare and is currently researching to write a book on the risks to information systems. In addition to his main work as a senior lecturer on Information Security and Computer Crime at the University of Glamorgan, he is currently also an associate lecturer for the Open University on Internet communications. His primary area of research for the last two years has been into methods for the measurement of t

Debi has a well-developed set of "soft" consultancy skills and experience developed by her formal education in the Arts and subsequent experience as a lecturer and advisor to students in colleges of further education. She has built on this so as to develop a set of IT skills through additional training with Birmingham University. Moreover she has deployed these skills to good effect in both civil and military consulting assignments. In this latter phase Debi's M.Sc. work was directed at investigating issues of system lifecycle security under DERA (now QinetiQ) sponsorship. Debi has also led the development and application of security risk analysis techniques within the Trusted Information Management Department at QinetiQ. She was previously the Head of Professional Services in the Trusted Information Management department at QinetiQ, the privatised element of what was previously the Defence Evaluation and Research Agency and is currently a Senior Research Fellow in Information Assurance at the Royal Military College of Science, Cranfield University.

Read More Show Less

Table of Contents

Section I: An Introduction to Risk Management: Introduction to the Theories of Risk Management; The Changing Environment; The Art of Managing Risks; Section II: The Threat Assessment Process: Threat Assessment and its Input to Risk Assessment; Threat Assessment Method; Example Threat Assessment; Section III: Vulnerability Issues: Operating System Vulnerabilities; Application Vulnerabilities; Public Domain or COTS?; Connectivity and Dependence; Section IV: The Risk Process: What is Risk Assessment?; Risk Analysis; Who is Responsible?; Section V:/Tools and Types of Risk Assessment: Qualitative versus Quantitative; The Policies, Procedures, Plans and Processes of Risk Management; Tools and Techniques; Integrated Risk Management; The Future of the Risk Management
Read More Show Less

Customer Reviews

Average Rating 5
( 1 )
Rating Distribution

5 Star

(1)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Posted June 18, 2013

    WOW... I love MyDeals247 model - they create competition among t

    WOW... I love MyDeals247 model - they create competition among the sellers real-time.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)