E-Book, Englisch, 482 Seiten
Tiller Adaptive Security Management Architecture
Erscheinungsjahr 2010
ISBN: 978-1-4200-1337-5
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
E-Book, Englisch, 482 Seiten
ISBN: 978-1-4200-1337-5
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
For an organization to function effectively, its security controls must not be so restrictive that the business is denied the ability to be innovative and flexible. But increasingly pervasive threats mandate vigilance in unlikely areas. Adaptive Security Management Architecture enables security professionals to structure the best program designed to meet the complex needs of an entire organization, taking into account the organization’s business goals as well as the surrounding controls, processes, and units already in existence.
Security aligned with business needs
Introducing the concept of Adaptive Security Management Architecture (ASMA), the book explains how an organization can develop an adaptive security program closely aligned to business needs, making it an enabling force that helps the organization achieve its goals and objectives. Describing how to achieve this adaptability, the book cites several examples and concepts to demonstrate aspects of managing change. It presents the end product of a successful security management system and examines the finer points of how it can be accomplished.
Risk management and governance
The book explores the security and business attributes that must be considered in the development of services and discusses the importance of consistency of management of services. In a section on risk management, the author explains how this important component is directly integrated with the ASMA model. He also discusses the critical element of governance and its importance to demonstrating value and ensuring effective adaptation. Lastly, the book examines how proper organizational management can give the executive and leadership team the necessary oversight to ensure the entire security program meets stated expectations. It also describes the capability maturity model, which ensures that all the co-dependent features of the program are managed with a common approach, thus ensuring that the organization and its security program function as a unified, cohesive system.
Zielgruppe
Managers responsible for the security of IT systems, including CIOs, CISOs, and CSOs.
Autoren/Hrsg.
Weitere Infos & Material
Introduction
Security and Business
Why a New Architecture?
The Conflict of Change
The Four Influencers
Now Is the Time
Adaptive Security Management Architecture Overview
The Interconnects
About the Book
Achieving Adaptability
Security Adaptation
Compensating Controls Theory
The Depth and Granularity of Security
The Commonality of Security
Adaptability and Services
Exploiting Adaptability
Defining Security Services
Service Characteristics
Services Management
Management Structure
Service Coordination
Service Planning
Delivery Management
Closeout
Measurements
Risk Management
Risk Management as a Feature
Risk as Communications
Role of Risk Management
Rapid Risk Assessment
Compliance Management
Adaptive Architecture Compliance
Corporate Compliance
Governance
Governance Observation and Communications
Governance Influence
Operational Characteristics of Governance
Organizational Management
Organizational Structure
Defining the Customer
Service Catalog and Life Cycle Management
Security Functions
Security Personnel Training
Capability Maturity Management
Expectations and Results
Assessing Capability Maturity
Management
Adaptive Architecture Capability Maturity Model
Conclusion
Index
