Assessing Information Security - Strategies, Tactics, Logic and Framework
BIC: COMPUTING & INFORMATION TECHNOLOGY, COMPUTER SECURITY
BISAC: COMPUTERS / General, COMPUTERS / Security / General
Published: 29 Jan 2015
The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.
It is clear that organisations need to develop a view of cyber security that goes beyond technology: all staff in the organisation have a role to play, and it is the senior managers who must ensure, like generals marshalling their forces, that all staff know the cyber security policies that explain what to do when under attack.
With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu, and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.
- shows how to use principles of military strategy to defend against cyber attacks, enabling organisations to have a more structured response to malicious intrusions.
- explains the priorities for robust cyber security, helping readers to decide which security measures will be the most effective.
- demonstrates how to integrate cyber security into your organisation’s normal operations.
Make cyber security business as usual in your organisation.
1: Information Security auditing and strategy
2: Security auditing, governance, policies and compliance
3: Security assessments classification
4: Advanced pre-assessment planning
5: Security audit strategies and tactics
6: Synthetic evaluation of risks
7: Presenting the outcome and follow-up acts
8: Reviewing security assessment failures and auditor management strategies