Security Risk Management
Syngress Media,U.S. (Verlag)
978-1-59749-615-5 (ISBN)
Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques that will be used on a daily basis, while also explaining the fundamentals so students understand the rationale behind these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks.
This book will help you to break free from the so-called best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program.
This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs.
Evan Wheeler currently is a Director of Information Security for Omgeo (A DTCC | Thomson Reuters Company), an instructor at both Clark and Northeastern Universities, and the author of the Information Security Risk Management course for the SANS Institute. Previously he spent six years as a Security Consultant for the U.S. Department of Defense.
Part I – Introduction to Risk Management
Chapter 1. The Security Evolution
Chapter 2. Risky Business
Chapter 3. The Risk Management Lifecycle
Chapter 4. Risk Profiling
Part II – Risk Assessment and Analysis Techniques
Chapter 5. Formulating a Risk
Chapter 6. Risk Exposure Factors
Chapter 7. Security Controls and Services
Chapter 8. Risk Evaluation and Mitigation Strategies
Chapter 9. Reports and Consulting
Chapter 10. Risk Assessment Techniques
Part III – Building and Running a Risk Management Program
Chapter 11. Threat and Vulnerability Management
Chapter 12. Security Risk Reviews
Chapter 13. A Blueprint for Security
Chapter 14. Building a Program from Scratch
Appendix A: Security Risk Profile
Appendix B: Risk Models and Scales
Appendix C: Architectural Risk Analysis Reference Tables
| Erscheint lt. Verlag | 24.6.2011 |
|---|---|
| Zusatzinfo | 20 illustrations; Illustrations |
| Verlagsort | Rockland, MA |
| Sprache | englisch |
| Maße | 191 x 235 mm |
| Gewicht | 700 g |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-59749-615-4 / 1597496154 |
| ISBN-13 | 978-1-59749-615-5 / 9781597496155 |
| Zustand | Neuware |
| Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
