'Destined to be a classic work on the topic, Enterprise Security Architecture fills a real void in the knowledge base of our industry. In a comprehensive, detailed treatment, Sherwood, Clark and Lynas rightly emphasize the business approach and show how
 Trade In this Item for up to £14.25
Trade in Enterprise Security Architecture: A Business-Driven Approach for an Amazon.co.uk gift card of up to £14.25, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more
|
Book Description
Frequently Bought Together
Product details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, and more.
Product Description
About the Author
John Sherwood, active in operational risk management for more than a decade and as an information systems professional for more than 30 years, is the Chief Architect of the SABSA(r) model. He is also a visiting lecturer and external examiner at Ro
Inside This Book
(Learn More)
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Explore More
Concordance
Browse Sample PagesConcordance
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
14 of 14 people found the following review helpful
Format:Hardcover
I first saw a colleague's preview copy of this book in September and have just got a copy of the real thing. First things first, this book describes exactly what it says on the cover i.e. a Business Driven Approach to security. If you are used to technical security architectures being the start point for security implementations then think again. This book says you should start your work by talking with the "top of the shop" at any enterprise and make sure that your ESA is aligned with the real business drivers of the business. Although this sounds like common sense, in my opinion too many of us have got bogged down in the technologies of authentication, encryption etc. over the years and failed to recognise the real needs of the businesses in which we work.
I particularly liked two things about this book:
- the layout in two distinct parts, ths first covering the philosophy and approach of SABSA, followed by more of a reference type second section;
- the "quick notes" in the left hand column of every page that let's you speed read each chapter.
I think that this book will challenge a lot of conventional approaches - for example where else do you see a section on Measuring Return on Investment in Security?
This book will not be a favourite of everyone that reads it - I did like it and am using it already in my work.
I particularly liked two things about this book:
- the layout in two distinct parts, ths first covering the philosophy and approach of SABSA, followed by more of a reference type second section;
- the "quick notes" in the left hand column of every page that let's you speed read each chapter.
I think that this book will challenge a lot of conventional approaches - for example where else do you see a section on Measuring Return on Investment in Security?
This book will not be a favourite of everyone that reads it - I did like it and am using it already in my work.
8 of 8 people found the following review helpful
Format:Hardcover|Amazon Verified Purchase
I cannot praise this book too highly. It covers the whole field of enterprise security architecture in great breadth and detail. Numerous useful models and patterns are included. Valuable (and sometimes amusing) case histories abound.
The writing is particularly clear; difficult topics are explained in full and I gained new insights in many areas.
The writing is particularly clear; difficult topics are explained in full and I gained new insights in many areas.
6 of 6 people found the following review helpful
Format:Hardcover
The SABSA method has been under development and in practical use for ten-fifteen years, mostly based on progressive conference presentations by the authors. The impression brought home from listening to the presentations was that this was something really great, breaking new ground and vastly more comprehensive than other enterprise security methods developed by the large consulting companies and a range of mostly American authors. If only it were possible to find all of it documented in one single place so that it could be understood holistically.
This book does exactly that, and it does not disappoint. It is worth the ten-fifteen years wait and without any doubt the best work so far written about corporate security architectures. If government departments and their sub-contractors had followed this development process and implemented it rigorously we would not have seen the past few years' data loss scandals.
The SABSA method should be used as the primary planning tool by all large organisations, not least governments. It makes it possible to introduce top level security without losing usability and flexibility - and without getting into the situation where a single rogue element in an organisation can cause huge havoc. It allows data to be valued correctly so that organisations avoid spending money on unnecessary security measures while providing appropriate information security throughout. The scope of the SABSA method, while primarily intended to provide an information security architecture, actually extends further and will help set up corporate management structures that can be used for other purposes as well.
The book is written by three of the best experts of information security, globally. It should be studied by anybody involved with information security and corporate governance.
This book does exactly that, and it does not disappoint. It is worth the ten-fifteen years wait and without any doubt the best work so far written about corporate security architectures. If government departments and their sub-contractors had followed this development process and implemented it rigorously we would not have seen the past few years' data loss scandals.
The SABSA method should be used as the primary planning tool by all large organisations, not least governments. It makes it possible to introduce top level security without losing usability and flexibility - and without getting into the situation where a single rogue element in an organisation can cause huge havoc. It allows data to be valued correctly so that organisations avoid spending money on unnecessary security measures while providing appropriate information security throughout. The scope of the SABSA method, while primarily intended to provide an information security architecture, actually extends further and will help set up corporate management structures that can be used for other purposes as well.
The book is written by three of the best experts of information security, globally. It should be studied by anybody involved with information security and corporate governance.
Would you like to see more reviews about this item?
›
Go to Amazon.com to see all 7 reviews
4.4 out of 5 stars
Were these reviews helpful?
Let us know
Listmania!
|
|
Look for similar items by category
- Books > Business, Finance & Law > E-Commerce > E-business
- Books > Business, Finance & Law > E-Commerce > Managers' Guides to Computing
- Books > Computing & Internet > Networking & Security > Security > Network Security
- Books > Computing & Internet > Software & Graphics > Graphics & Multimedia > Animation & Multimedia
- Books > Study Books
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
