- Get it by Friday, October 20 , Order now and choose Expedited Delivery during checkout.
This is the only book that covers all the topics that any budding security manager needs to know! This book is written for managers responsible for IT/Security departments from mall office environments up to enterprise networks.
These individuals do not need to know about every last bit and byte, but they need to have a solid understanding of all major, IT security issues to effectively manage their departments. This book is designed to cover both the basic concepts of security, non – technical principle and practices of security and provides basic information about the technical details of many of the products - real products, not just theory.
Written by a well known Chief Information Security Officer, this book gives the information security manager all the working knowledge needed to: • Design the organization chart of his new security organization • Design and implement policies and strategies • Navigate his way through jargon filled meetings • Understand the design flaws of his E-commerce and DMZ infrastructure
• A clearly defined guide to designing the organization chart of a new security organization and how to implement policies and strategies
• Navigate through jargon filled meetings with this handy aid
• Provides information on understanding the design flaws of E-commerce and DMZ infrastructure
Most Helpful Customer Reviews
Security isn¿t just something you ¿turn on¿. Security is a mindset, a set of systems and practices that affect all aspects of your work environment. And implementing security practices¿especially in an organization devoid of such¿is a daunting task. I found this to be an excellent book in that the author obviously understands security. He¿s dedicated his life keeping privileged information safe. More importantly, this book is laid out in such a way that it will lead the uninitiated, newly appointed security expert at any organization through the process of implementing a security framework. Firewalls, Intrusion Detection Systems, and the like are only as good as the policies that govern them. The first step in implementing security is to define an information security policy. The author leads the reader through identifying business risks and creating an action plan to mitigate those risks. In addition to the expected ¿what does a firewall do, and how should you use it¿ type of information, the author does an excellent job cutting to the chase on a wide variety of security issues. He provides examples of how find the right people to implement your security framework, what types of systems might be required in your environment, and how to perform periodic penetration testing, to see if your security framework keeps the bad guys out. I really see this book being of great benefit to the newly appointed security expert, who is perhaps a bit overwhelmed with his/her new responsibilities. This book is an easy read, very interesting, and very useful for the individual responsible for all aspects of a company¿s security infrastructure.