Once more unto the breach : managing information security in an uncertain world /
In Once more unto the Breach, Andrea C Simmons speaks directly to information security managers and provides an insider's view of the role, offering priceless gems from her extensive experience and knowledge. Based on a typical year in the life of an information security manager, the book exami...
[Ely, Cambridgeshire], U.K. :
IT Governance Pub.,
Table of Contents:
- Preface; About the Author; Acknowledgements; Contents; Introduction; Chapter 1: August: Pulling a team together; It's not a project ... ; Make friends and influence people; There's always a need for a 'list' (well, if it's good enough for Santa Claus!); How many users are there?; How many assets require protection in your organisation?; Of the assets identified, how many servers are there?; What about information assets?; What version (or versions) of anti-virus is (are) running and how often is it (are they) being updated?; How many systems administrators are there?
- How often are systems updated?; How many exceptions (deviations) to policy are there?; When were access controls last reviewed?; What level of information security awareness is there across the organisation?; How is incident management addressed?; What about team and company communications?; What about other projects going on in your organisation at the same time?; Project management; Chapter summary; Chapter 2: September: Street trash; Introduction; Incompatible software; Remote workers; User acceptance testing; Business as usual; Information ownership; Physical security; Incident.
- Password management; Laptop management; Chapter summary; Chapter 3: October: Compliance may be only skin deep; Introduction; Information security policy; Managing corporate anti-virus; Standard build and image; Password management (again); Consumerisation; Third-party management; Audit log management; Vulnerability management; Cloud Computing; Project management; Security awareness theme; Chapter summary; Chapter 4: November: How remote is remote?; Introduction; Location, location, location; Innovation, innovation, innovation; Information labelling; Lessons learnt; Security awareness theme.
- Chapter summary; Chapter 5: December: Oh, for the sake of yet another proposal ... ; Security improvement programme; Fax management; Image build again; Physical security findings; Physical security solution suggestions; Other security tasks for this month; Environmental concerns; Information security awareness briefings; 'Kit' movement; Laptop users ... again!; Security awareness theme; Chapter summary; Chapter 6: January: A battle won; Baking security in; Desktop refresh versus consumerisation; Incident reporting; Data-sharing protocols; Linking InfoSec with records management.
- Penetration testing results; Back to physical security issues; Reduce, reuse, recycle; Other security tasks for this month; Job descriptions; Users' understanding; People management; Security awareness theme; Chapter summary; Chapter 7: February: Money doesn't buy happiness; Divide and conquer?; Remember the big picture; Breadth of technological change; Embracing data protection and privacy; UK Data Protection Act 1998, seventh principle; Other security tasks for this month; User administration; Inventory management; Security awareness theme; Chapter summary.