Information Security (Hewlett-Packard Professional Books) [Paperback]

In this book, IT security expert Donald Pipkin addresses every aspect of information security: the business issues, the technical process issues, and the legal issues. Pipkin starts by reviewing the key business issues: estimating the value of information assets, evaluating the cost to the organization if they are lost or disclosed, and determining the appropriate levels of protection and response to security incidents. Next, he walks through the technical processes required to build a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Finally, Pipkin reviews the legal issues associated with information security, including corporate officers' personal liability for taking care that information is protected. The book's coverage is applicable to businesses of any size, from 50 employees to 50,000 or more, and ideal for everyone who needs at least a basic understanding of information security: network/system administrators, managers, planners, architects, and executives alike.

• Information security, start to finish: inspection, protection, detection, reaction, and reflection
• Analyzing your most critical risks and threats
• Defining an information security strategy and architecture
• Planning and responding to intruders
• Legal and public relations implications

Computer and network security: the technical, legal, and business issues.

In Information Security: Protecting the Global Enterprise, IT security expert Donald Pipkin addresses every aspect of information security: the business issues, the technical process issues, and the legal issues—including the personal liabilities of corporate officers in protecting information assets. Pipkin starts by reviewing the key business issues associated with protecting information assets, and determining the appropriate levels of protection and response to security incidents. Next, he walks through the technical processes required to build a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Coverage includes:

• Inspection: Risk analysis, resource inventory, threat assessment, business impact analysis, safeguards, and more
• Protection: Information security design, vision, architecture, strategies, frameworks, and implementation
• Detection: Types of intruders, methods and profiles of detection
• Reaction: Incident response plans, documentation, determination, notification, assessment, repair, and recovery
• Reflection: Post-incident procedures, timelines, technical and management responses, process improvements, and public relations

Whether your role is technical or managerial, no matter what size your enterprise is, Information Security delivers the insight and guidance you need to protect your most vital asset: information.

Donald L. Pipkin is a Security Systems Architect for the Internet Security Division of Hewlett-Packard. Don is a noted security expert with fifteen plus years experience in the industry. He is a frequent speaker on the topic both regionally and internationally. He is also the author of Halting the Hacker: A Practical Guide to Computer Security, a contributing author of Unix Security, and he has written security articles for computer publications such as SysAdmin magazine.