Gentile / Collette / August | The CISO Handbook | E-Book | www.sack.de
E-Book, English, 352 pages

Gentile / Collette / August The CISO Handbook

A PRACTICAL GUIDE TO SECURING YOUR COMPANY
Year of publication: 2005
ISBN: 978-1-4200-3137-9
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM


The CISO Handbook: A Practical Guide to Securing Your Company provides unique insights and guidance into designing and implementing an information security program, delivering true value to the stakeholders of a company. The authors present several essential high-level concepts before building a robust framework that will enable you to map the concepts to your company’s environment.

The book is presented in chapters that follow a consistent methodology – Assess, Plan, Design, Execute, and Report. The first chapter, Assess, identifies the elements that drive the need for infosec programs, enabling you to conduct an analysis of your business and regulatory requirements. Plan discusses how to build the foundation of your program, allowing you to develop an executive mandate, reporting metrics, and an organizational matrix with defined roles and responsibilities. Design demonstrates how to construct the policies and procedures to meet your identified business objectives, explaining how to perform a gap analysis between the existing environment and the desired end-state, define project requirements, and assemble a rough budget. Execute emphasizes the creation of a successful execution model for the implementation of security projects against the backdrop of common business constraints. Report focuses on communicating back to the external and internal stakeholders with information that fits the various audiences.

Each chapter begins with an Overview, followed by Foundation Concepts that are critical success factors to understanding the material presented. The chapters also contain a Methodology section that explains the steps necessary to achieve the goals of the particular chapter.


Target audience


Information security management and administrators; corporate management; chief information officers; board members; audit committee members; audit directors.

Further information & material


Assess

Overview

Foundation Concepts

Critical Skills

Consultative Sales Skills

Critical Knowledge

Understanding Your Business

Understanding Risk

Understanding Your Enterprise Differentiators

Understanding Your Legal and Regulatory Environment

Understanding Your Organizational Structure

Understanding Your Organizational Dynamics

Enterprise Culture

Understanding your Enterprise’s View of Technology

Assessment Methodology

Identifying your Program’s Primary Driver

Why Are You Here?

Stakeholders

Identifying your External Drivers

Other External Drivers

Identifying your Internal Drivers

Assessment Checklist

Plan

Overview

Foundation Concepts

Critical Skills

Visioning

Strategic Planning

Negotiating

Marketing

Talent Assessment

Critical Skills Summary

Critical Knowledge

ISC2 Common Body of Knowledge [CBK]

Other Security Industry Resources

Planning Methodology

Understanding your Program’s Mandate

Determining Your Program’s Structure

Centralized vs. Decentralized

Security Pipeline

Size of Your Program

Security Program Structure Summary

Determining Your Program’s Staffing

Planning Summary

Planning Checklist

Design

Overview

Foundation Concepts

Critical Skills

Critical Knowledge

Methodology

Preview

Security Document Development

Project Portfolio Development

Communication Plan Development

Incorporating your Enterprise Drivers

Requirements

Gap Analysis

Building Security Policies, Standards, Procedures, And Guidelines

Build Security Documents Summary

Building the Security Project Portfolio

Annual Portfolio Review

Build the Communication Plan

Chapter Summary

Design Checklist

Execute

Overview

Foundation Concepts

Preview

Critical Skills

Critical Knowledge

Methodology

Project Execution

Administrative Cleanup

Chapter Summary

Report

Overview

Foundation Concepts

Critical Skills

Critical Knowledge

Marketing

Methodology

Report Construction Process

Determine Target Audience

Delivery Mechanisms

Chapter Summary

The Final Phase

Overview

Back To the Beginning

Parting Thoughts

Appendix A Design Chapter Worksheets

Appendix B Report Creation Process Worksheet

Appendix C Requirements Sample

Appendix D SDLC Checklist

Appendix E Recommended Reading


Mike Gentile is on a mission to change the status quo in Information Security as we know it. His goal is to translate the discipline from one that is often misunderstood, inefficiently applied, and painful to one that is seamless, collaborative, and repeatable in organizations across the globe. Delphiis is the encapsulation of this mission.

Mike brings a balance of business acumen and technical skill set, anchored by years in the field. His core focus over the past 15 years has been his practice, Coastline Consulting services. With Mike as Founder and President, Coastline has developed enterprise security programs for countless leading public, private, and government organizations, including many within the Global 1000 and Fortune 500. During that time he also became Co-Founder and Editor for CISOHandbook.com, the leading portal for security leaders.

As a researcher, Mike has contributed numerous publications within the information technology, project management, and security communities. He is also a senior researcher with Computer Economics in the Information Security domain and has written articles for the ISSA Journal, Computer Economics, RSA Conference, and Secure World Expo.

As a writer he is the co-author of The CISO Handbook: A Practical Guide to Securing Your Company as well as CISO Soft Skills: Securing Organizations Impaired by Employee Politics, Apathy, and Intolerant Perspectives. The CISO Handbook is used as course material for numerous advanced education and Master’s programs on security leadership around the world.

Mr. Gentile serves on multiple advisory boards, including the Board of Advisors for Savant, a malware protection company, and has been an active member of the RSA Program Committee since 2009.

Mr. Gentile is a sought-after speaker on security, project management, and information technology topics. For the last 3 years he has been a top-rated speaker at RSA, the most prestigious security conference in the United States, and has been keynote speaker for the CXO Summits conference series. He has also presented over the years for the Project Management Institute, Secure World Expo, ISSA, Symantec, and many more.

Mike lives in Southern California with his wife Tiffany and their two boys.


