E-book, English, 346 pages
Stackpole / Oksendahl Security Strategy
1st edition, 2010
ISBN: 978-1-4398-2734-5
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM
From Requirements to Reality
Addressing the diminished understanding of the value of security on the executive side and a lack of good business processes on the security side, Security Strategy: From Requirements to Reality explains how to select, develop, and deploy the security strategy best suited to your organization. It clarifies the purpose and place of strategy in an information security program and arms security managers and practitioners with a set of security tactics to support the implementation of strategic planning initiatives, goals, and objectives.
The book focuses on security strategy planning and execution to provide a clear and comprehensive look at the structures and tools needed to build a security program that enables and enhances business processes. It is divided into two parts: the first considers business strategy and the second details specific tactics. The information in both sections will help security practitioners and managers develop a viable synergy that will allow security to take its place as a valued partner and contributor to the success and profitability of the enterprise.
Confusing strategies and tactics all too often keep organizations from properly implementing an effective information protection strategy. This versatile reference presents information in a way that makes it accessible and applicable to organizations of all sizes. Complete with checklists of the physical security requirements that organizations should consider when evaluating or designing facilities, it provides the tools and understanding to enable your company to achieve the operational efficiencies, cost reductions, and brand enhancements that are possible when an effective security strategy is put into action.
Target audience
Chief security and chief information security officers, security directors and managers, security architects, and security strategists.
Further information & material
STRATEGY
Strategy: An Introduction
Strategic Planning Essentials
Strategic Planning Process Evaluation
Security Leadership Challenges
Getting Started
Other Challenges for Security and Strategic Planning
When Strategic Planning Should Be Conducted
Metaphor Analysis and Strategic Planning
Creating a Security Culture
Security Continuum (Moving toward a Security Culture)
Getting to the Big Picture
Background (Why Should Security Bother with Strategic Planning?)
Menu of Strategic Planning Methods and Models
Which Strategic Planning Tools?
What Are Security Plan Essentials? (Analysis, Planning, and Implementation)
When Should Strategic Planning Be Done?
Six Keys to Successful Strategic Planning
Myths about Strategic Planning
Barriers to Strategic Planning
Overcoming Negative Perceptions of Security
Developing Strategic Thinking Skills
Testing the Consumer
Defining the Consumer Buckets
Quick Customer Assessment
Designing Customer Feedback Surveys
Deploying a Survey
Measuring Customer Satisfaction Results
Integration of Consumer Data
Strategic Framework (Inputs to Strategic Planning)
Environmental Scan
Regulations and Legal Environment
Industry Standards
Marketplace–Customer Base
Organizational Culture
National and International Requirements (Political and Economic)
Competitive Intelligence
Business Intelligence
Technical Environment and Culture
Business Drivers
Additional Environmental Scan Resources
Scenario Planning
Futurist Consultant Services
Blue Ocean Strategy versus Red Ocean Strategy
Future (the Need to Be Forward Looking)
Developing a Strategic Planning Process
Process and Procedures
Get Ready to Plan for a Plan
Planning, Preparation, and Facilitation
Building a Foundation for Strategy (High, Wide, and Deep)
In the Beginning
Implementation (a Bias toward Action and Learning)
Feedback, Tracking, and Control
Completion
Best Strategies (Strategies That Work)
Gates, Geeks, and Guards (Security Convergence)
Benefits of Security Convergence
Convergence Challenges
Success Factors
TACTICS
Tactics: An Introduction
Tactical Framework
Objectives Identification
First Principles
Layer upon Layer (Defense in Depth)
Defense-in-Depth Objectives Identification
Information Environments
Threats
Environmental Objectives
Did You See That! (Observation)
Observation Objectives
Drivers and Benefits for Excellence in Observation
Observation Challenges
Success Factors and Lessons Learned
Excellence in Observation Control Objectives
Trust but Verify (Accountability)
Unmatched Value of Accountability
Comprehensive Accountability Challenges
Best Uses for the Accountability Tactic
Comprehensive Accountability Identity Objectives
Comprehensive Accountability Audit Objectives
SDL and Incident Response
Application
(SDL)2—Software as a Service Extensions (SaaS)
Transition Objectives
Rapid Response
Keep Your Enemies Closer
Hire a Hacker Objectives
The Hire a Hacker Controversy
Success Factors and Lessons Learned
Control Objectives
Hire a Hessian (Outsourcing)
Security in the Outsourcing of IT Services
Security in the Outsourcing of Security Services
Outsourcing of Security Services Objectives
Challenges to Outsourcing Security Services
Success Factors and Lessons Learned
Outsourcing Security Services Control Objectives
Security Awareness Training
Staff Development Training
Security Awareness Training
Awareness Training Drivers and Benefits
Industry Training Trends and Best-Practices Examples
Training Resources
Awareness Training Challenges
Success Factors and Lessons Learned
How Do You Know if Your Training Is Successful?
Appendix: Physical Security Checklists