The Ciso Handbook: A Practical Guide to Securing your company (Hardcover)

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard 3.7 out of 5 stars (3)  £22.09

› Explore similar items

Product Description
Truly a practical work, this handbook offers a comprehensive roadmap for designing and implementing an effective information security program based on real world scenarios. It builds a bridge between high-level theory and practical execution by illustrating solutions to practical issues often overlooked by theoretical texts. This leads to a set of practices that security professionals can use every day. The framework it describes can be expanded or contracted to meet the needs of almost any organization. A reference as well as a guide, each of the chapters are self-contained and can be read in any order.

From the Back Cover
The CISO Handbook: A Practical Guide to Securing Your Company provides unique insights and guidance into designing and implementing an information security program, delivering true value to the stakeholders of a company. The authors present several essential high-level concepts before building a robust framework that will enable you to map the concepts to your company's environment.

The book is presented in chapters that follow a consistent methodology - Assess, Plan, Design, Execute, and Report. The first chapter, Assess, identifies the elements that drive the need for infosec programs, enabling you to conduct an analysis of your business and regulatory requirements. Plan discusses how to build the foundation of your program, allowing you to develop an executive mandate, reporting metrics, and an organizational matrix with defined roles and responsibilities. Design demonstrates how to construct the policies and procedures to meet your identified business objectives, explaining how to perform a gap analysis between the existing environment and the desired end-state, define project requirements, and assemble a rough budget. Execute emphasizes the creation of a successful execution model for the implementation of security projects against the backdop of common business constraints. Report focuses on communicating back to the external and internal stakeholders with information that fits the various audiences.

Each chapter begins with an Overview, followed by Foundation Concepts that are critical success factors to understanding the material presented. The chapters also contain a Methodology section that explains the steps necessary to achieve the goals of the particular chapter.

First Sentence
The assess phase of the methodology is the process of determining information about the enterprise to support the planning of your information security program. Read the first page Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index

Search inside this book:

There are no customer reviews yet.   Create your own review
Video reviews New feature! Amazon now allows customers to upload product video reviews. Use a webcam or video camera to record and upload reviews to Amazon.

Protect your Identity: A list by Barry Tighe "Author The Spawater Chronicles, Gieves to the Fore" Create a Listmania! list

Search Listmania!

• Books > Business, Finance & Law > Biographies & Histories > Company Histories
• Books > Business, Finance & Law > E-Commerce > Managers' Guides to Computing
• Books > Business, Finance & Law > Management > Information Management
• Books > Computing & Internet > Networking & Security > Security
• Books > Science & Nature > Engineering & Technology
• Books > Scientific, Technical & Medical > Mathematics > Applied Mathematics > Finance & Economics

• Would you like to update product info or give feedback on images?
• I am the Author, and I want to comment on my book.
• I am the Publisher, and I want to comment on this book.