Managing Risk and Information Security: Protect to Enable

Managing Risk and Information Security: Protect to Enable

Malcolm Harkins


coping with hazard and knowledge protection: safeguard to let, an ApressOpen identify, describes the altering hazard setting and why a clean method of info safeguard is required. simply because nearly each element of an company is now depending on know-how, the focal point of IT protection needs to shift from locking down resources to permitting the enterprise whereas handling and surviving danger. This compact booklet discusses company probability from a broader viewpoint, together with privateness and regulatory issues. It describes the expanding variety of threats and vulnerabilities, but additionally bargains recommendations for constructing options. those contain discussions of ways organizations can reap the benefits of new and rising technologies—such as social media and the large proliferation of Internet-enabled devices—while minimizing risk.

With ApressOpen, content material is freely on hand via a number of on-line distribution channels and digital codecs with the objective of disseminating professionally edited and technically reviewed content material to the global community.

Here are a number of the responses from reviewers of this unheard of work:

“Managing threat and knowledge defense is a perceptive, balanced, and infrequently thought-provoking exploration of evolving details danger and safety demanding situations inside a company context. Harkins in actual fact connects the wanted, yet often-overlooked linkage and conversation among the company and technical worlds and gives actionable techniques. The e-book comprises eye-opening protection insights which are simply understood, even by means of the curious layman.”

Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel

“As disruptive expertise techniques and escalating cyber threats proceed to create huge, immense details protection demanding situations, handling hazard and data safeguard: safeguard to let offers a much-needed point of view. This ebook compels details protection pros to imagine in a different way approximately strategies of probability administration on the way to be more advantageous. the explicit and useful information bargains a fast-track formulation for constructing info defense concepts that are lock-step with enterprise priorities.”

Laura Robinson, vital, Robinson Insight

Chair, protection for enterprise Innovation Council (SBIC)

Program Director, government defense motion discussion board (ESAF)

“The mandate of the knowledge safety functionality is being thoroughly rewritten. regrettably such a lot heads of safety haven’t picked up at the switch, impeding their companies’ agility and skill to innovate. This e-book makes the case for why protection must swap, and exhibits the way to start. it is going to be considered as marking the turning aspect in details safety for years to come.”

Dr. Jeremy Bergsman, perform supervisor, CEB

“The international we're dependable to guard is altering dramatically and at an accelerating speed. know-how is pervasive in almost each element of our lives. Clouds, virtualization and cellular are redefining computing – and they're just the start of what's to return. Your defense perimeter is outlined through anywhere your details and other people occur to be. we're attacked via expert adversaries who're larger funded than we are going to ever be. We within the info defense career needs to swap as dramatically because the atmosphere we safeguard. we'd like new abilities and new thoughts to do our jobs successfully. We actually have to switch the best way we think.

Written through the best within the enterprise, coping with probability and data safeguard demanding situations conventional safety concept with transparent examples of the necessity for switch. It additionally presents professional suggestion on the right way to dramatically bring up the luck of your defense technique and strategies – from facing the misunderstanding of hazard to the way to develop into a Z-shaped CISO.

Managing probability and data safeguard is the last word treatise on find out how to convey potent safety to the area we are living in for the subsequent 10 years. it's absolute needs to examining for an individual in our occupation – and may be at the table of each CISO within the world.”

Dave Cullinane, CISSP

CEO protection Starfish, LLC

“In this assessment, Malcolm Harkins can provide an insightful survey of the developments, threats, and strategies shaping info hazard and safeguard. From regulatory compliance to psychology to the altering probability context, this paintings offers a compelling creation to a tremendous subject and trains priceless recognition at the results of fixing expertise and administration practices.”

Dr. Mariano-Florentino Cuéllar Professor, Stanford legislation School

Co-Director, Stanford middle for overseas defense and Cooperation (CISAC), Stanford University

“Malcolm Harkins will get it. In his new publication Malcolm outlines the most important forces altering the knowledge defense threat panorama from an enormous photo standpoint, after which is going directly to provide potent tools of handling that chance from a practitioner's perspective. the mix makes this e-book specified and a needs to learn for a person drawn to IT risk."

Dennis Devlin AVP, info safety and Compliance, The George Washington University

“Managing danger and knowledge protection is the first-to-read, must-read e-book on details safety for C-Suite executives. it really is available, comprehensible and actionable. No sky-is-falling scare strategies, no techno-babble – simply directly discuss a significantly very important topic. there is not any greater primer at the economics, ergonomics and psycho-behaviourals of protection than this.”

Thornton could, Futurist, govt Director & Dean, IT management Academy

“Managing hazard and knowledge safety is a warning call for info defense executives and a ray of sunshine for company leaders. It equips enterprises with the information required to rework their protection courses from a “culture of no” to at least one involved in agility, price and competitiveness. not like different courses, Malcolm offers transparent and instantly appropriate options to optimally stability the usually opposing wishes of danger relief and company development. This publication might be required interpreting for someone at the moment serving in, or looking to in attaining, the position of leader info protection Officer.”

Jamil Farshchi, Senior company chief of Strategic making plans and tasks, VISA

“For too a long time, enterprise and safety – both genuine or imagined – have been at odds. In handling threat and data safety: guard to let, you get what you are expecting – actual lifestyles sensible how one can holiday logjams, have safety really permit enterprise, and marries protection structure and enterprise structure. Why this publication? It's written through a practitioner, and never simply any practitioner, one of many major minds in safety today.”

John Stewart, leader protection Officer, Cisco

“This booklet is a useful advisor to assist protection execs deal with chance in new methods during this alarmingly speedy altering surroundings. full of examples which makes it a excitement to learn, the ebook captures sensible methods a ahead pondering CISO can flip details safety right into a aggressive virtue for his or her business.

This booklet presents a brand new framework for dealing with chance in an pleasing and suggestion upsetting means. this can switch the way in which defense pros paintings with their company leaders, and support get items to industry faster.

The 6 irrefutable legislation of data defense might be on a stone plaque at the table of each safety professional.”

Steven Proctor, vice chairman, Audit & hazard administration, Flextronics

What you’ll learn

The ebook describes, at a administration point, the evolving firm safeguard landscape
It presents counsel for a management-level viewers approximately how you can deal with and live on risk
Who this e-book is for

The target market is constituted of CIOs and different IT leaders, CISOs and different details defense leaders, IT auditors, and different leaders of company governance and threat services. even though, it bargains extensive entice these within the possibility administration and safeguard industries.

Show sample text content

Download sample