Home > 'Near-perfect' security guide for execs
Books:
EMAIL THIS

'Near-perfect' security guide for execs

15 Apr 2005 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

The Executive Guide to Information Security: Threats, Challenges and Solutions

By Mark Egan and Tim Mather 268 Pages; $34.99       Symantec Press

Shelves are overflowing with books that profess to guide CISOs through virtually any security challenge, from building an infosecurity organization from scratch to tightening existing security policies and processes. However, they're often inappropriate for C-level executives, who need concise, nontechnical, business-driven explanations of what information security really is, what's reasonable to expect from it and how their CISO is going to manage it. This is exactly what The Executive Guide to Information Security: Threats, Challenges, and Solutions delivers.

Mark Egan and Tim Mather have designed this book to follow a logical progression, starting with the "why" of security management: Why can't the IT department keep systems secure? What does security mean to our customers? How can it detract from (or enhance) our business? The book provides these answers in terms an executive will understand, using a combination of established management principles and simple analogies. Eschewing fear-mongering, the authors use more of a carrot than a stick approach that suits its target audience well.

Infosec Bookshelf

Read Chapter 3 of this book

More book chapters and reviews

Do you agree with this review? Share your opinion.

 

Once establishing this foundation, The Executive Guide to Information Security devotes the bulk of its pages to laying out a high-level road map for maintaining a comprehensive in-house security program. There's a lot of information here about building effective security teams, leveraging existing resources and running ongoing programs, but it's probably not enough to implement a plan. The emphasis isn't on how to establish the program, but on what to expect from a CISO and how to best support security.

The book is most appropriate for U.S.-based medium- to large-sized enterprises. Executives of small or foreign organizations should probably look elsewhere.

The Executive Guide to Information Security demands absolutely no previous technical or security background, but imparts a surprising amount of information without drowning the reader in a sea of jargon. This must-read book is a near-perfect executive summary of security challenges and practices, with an emphasis on the business and regulatory environment in which security operates.

Do you agree with this review? Sound Off below to share your opinion.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary




Search Additional Security Research and Solutions
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts