Security Strategy : From Requirements to Reality

Stackpole, Bill/ Oksendahl, Eric

CRC Press（2017/07発売）

• 製本 Hardcover:ハードカバー版／ページ数 346 p.
• 言語 ENG
• 商品コード 9781138440463
• DDC分類 005.8

Full Description

Addressing the diminished understanding of the value of security on the executive side and a lack of good business processes on the security side, Security Strategy: From Requirements to Reality explains how to select, develop, and deploy the security strategy best suited to your organization. It clarifies the purpose and place of strategy in an information security program and arms security managers and practitioners with a set of security tactics to support the implementation of strategic planning initiatives, goals, and objectives.

The book focuses on security strategy planning and execution to provide a clear and comprehensive look at the structures and tools needed to build a security program that enables and enhances business processes. Divided into two parts, the first part considers business strategy and the second part details specific tactics. The information in both sections will help security practitioners and mangers develop a viable synergy that will allow security to take its place as a valued partner and contributor to the success and profitability of the enterprise.

Confusing strategies and tactics all too often keep organizations from properly implementing an effective information protection strategy. This versatile reference presents information in a way that makes it accessible and applicable to organizations of all sizes. Complete with checklists of the physical security requirements that organizations should consider when evaluating or designing facilities, it provides the tools and understanding to enable your company to achieve the operational efficiencies, cost reductions, and brand enhancements that are possible when an effective security strategy is put into action.

Contents

STRATEGY. An Introduction. Getting to the Big Picture. Testing the Consumer. Strategic Framework (Inputs to Strategic Planning). Developing a Strategic Planning Process. Gates, Geeks, and Guards (Security Convergence). TACTICS. Tactics: An Introduction. Layer upon Layer (Defense in Depth). Did You See That?! (Observation). Trust but Verify (Accountability). SDL and Incident Response. Keep Your Enemies Closer. Hire a Hessian (Outsourcing). Security Awareness Training. Appendix: Physical Security Checklists.