Managing risk and information security : : protect to enable /

Managing risk and information security : : protect to enable / / Malcolm W Harkins.

Show other versions (2)
Saved in:
Bibliographic Details
VerfasserIn:
Harkins, Malcolm,
Place / Publishing House:[Place of publication not identified] : : Apress Open,, [2016]
New York, NY : : Distributed to the book trade worldwide by Springer Science+Business Media New York
©2016
Year of Publication:2016
Edition:Second edition.
Language:English
Physical Description:1 online resource (1 volume) :; illustrations
Tags: Add Tag
No Tags, Be the first to tag this record!
id 993602791104498
ctrlnum (CKB)4340000000014851
(Safari)9781484214558
(OCoLC)958879520
(MiAaPQ)EBC5575803
(Au-PeEL)EBL5575803
(OCoLC)1066183556
(MiAaPQ)EBC6422848
(EXLCZ)994340000000014851
collection bib_alma
record_format marc
spelling Harkins, Malcolm, author.
Managing risk and information security : protect to enable / Malcolm W Harkins.
Second edition.
[Place of publication not identified] : Apress Open, [2016]
New York, NY : Distributed to the book trade worldwide by Springer Science+Business Media New York
©2016
1 online resource (1 volume) : illustrations
text txt rdacontent
computer c rdamedia
online resource cr rdacarrier
Description based on online resource; title from cover (Safari, viewed September 19, 2016).
Includes bibliographical references and index.
Intro -- Contents at a Glance -- Contents -- Foreword -- Praise for the second edition of Managing Risk and Information Security -- About the Author -- Acknowledgments -- Preface -- Chapter 1: Introduction -- Protect to Enable® -- Building Trust -- Keeping the Company Legal: The Regulatory Flood -- Privacy: Protecting Personal Information -- Personalization vs. Privacy -- Financial Regulations -- E-Discovery -- Expanding Scope of Regulation -- The Rapid Proliferation of Information, Devices, and Things -- The Changing Threat Landscape -- Stealthy Malware -- Nine Irrefutable Laws of Information Risk -- A New Approach to Managing Risk -- Chapter 2: The Misperception of Risk -- The Subjectivity of Risk Perception -- How Employees Misperceive Risk -- The Lure of the Shiny Bauble -- How Security Professionals Misperceive Risk -- Security and Privacy -- How Decision Makers Misperceive Risk -- How to Mitigate the Misperception of Risk -- Uncovering New Perspectives During Risk Assessments -- Communication Is Essential -- Building Credibility -- Chapter 3: Governance and Internal Partnerships: How to Sense, Interpret, and Act on Risk -- Information Risk Governance -- Finding the Right Governance Structure -- Building Internal Partnerships -- Legal -- Privacy -- Litigation -- Intellectual Property -- Contracts -- Financial Compliance -- Legal Specialists Within Business Groups -- Human Resources -- Setting Employee Expectations in Security Policies -- Employee Communications -- Investigations -- Finance -- Sarbanes-Oxley Compliance -- Working with Business Groups -- Internal Audit -- Corporate Risk Management -- Privacy -- Corporate Security -- Business Group Managers -- Conclusion -- Chapter 4: External Partnerships: The Power of Sharing Information -- The Value of External Partnerships -- External Partnerships: Types and Tiers -- 1:1 Partnerships.
Communities -- Community Characteristics -- Community Goals -- Sharing Information about Threats and Vulnerabilities -- Sharing Best Practices and Benchmarking -- Influencing Regulations and Standards -- Corporate Citizenship -- Conclusion -- Chapter 5: People Are the Perimeter -- The Shifting Perimeter -- Compliance or Commitment? -- Examining the Risks -- Adjusting Behavior -- A Model for Improving Security Awareness -- Broadening the Awareness Model -- The Security Benefits of Personal Use -- Roundabouts and Stop Signs -- The Technology Professional -- Insider Threats -- Deter -- Detect -- Discipline -- Finding the Balance -- Chapter 6: Emerging Threats and Vulnerabilities: Reality and Rhetoric -- Structured Methods for Identifying Threat Trends -- The Product Life Cycle Model -- Understanding Threat Agents -- Playing War Games -- Trends That Span the Threat Landscape -- Trust Is an Attack Surface -- Barriers to Entry Are Crumbling -- The Rise of Edge Case Insecurity -- The Enemy Knows the System -- Key Threat Activity Areas -- The Industry of Malware -- The Web Expands to the Internet of Things -- Smartphones -- Web Applications -- Conclusion -- Chapter 7: A New Security Architecture to Improve Business Agility -- The 9 Box of Controls, Business Trends, and Architecture Requirements -- 9 Box of Controls -- IT Consumerization -- New Business Needs -- Cloud Computing -- Changing Threat Landscape -- Privacy and Regulatory Requirements -- New Architecture -- Trust Calculation -- Source Score -- Destination Score -- Available Controls -- Calculating Trust -- Security Zones -- Untrusted Zones -- Selective Zones -- Trusted Zones -- Balanced Controls -- Users, Data, and the Internet of Things: The New Perimeters -- Data Perimeter -- User Perimeter -- Internet of Things -- Conclusion -- Chapter 8: Looking to the Future: Emerging Security Capabilities.
Internet of Things -- Consistent User Experience Across Devices -- Cloud Computing -- Big Data Analytics -- Artificial Intelligence -- Business Benefits and Risks -- New Security Capabilities -- Baseline Security -- Protected Environments -- Encryption -- Hardware Acceleration -- Enhanced Recovery -- AI-Based Security and Automation -- Context-Aware Security -- Cloud Security and Context Awareness -- Security Analytics and Data Protection -- Conclusion -- Chapter 9: Corporate Social Responsibility: The Ethics of Managing Information Risk -- The Expanding Scope of Corporate Social Responsibility -- The Evolution of Technology and Its Impact -- Maintaining Society's Trust -- The Ethics of Managing Information Risk -- Conclusion -- Chapter 10: The 21st Century CISO -- Chief Trust Officer -- The Z-Shaped Individual -- Foundational Skills -- Becoming a Storyteller -- Fear Is Junk Food -- Accentuating the Positive -- Demonstrating the Reality of Risk -- The CISO's Sixth Sense -- Taking Action at the Speed of Trust -- The CISO as a Leader -- Learning from Other Business Leaders -- Voicing Our Values -- Discussing Information Risk at Board Level -- Conclusion -- Chapter 11: Performance Coaching -- How to Use the Tables -- Independence and Initiative -- Efficiency and Effectiveness -- Commitment -- Professionalism -- Discipline -- Teamwork -- Problem-Solving -- Communication -- Listening -- Style -- Clarity -- Goal-Setting -- Conclusion -- Appendix A -- Index.
Computer security.
Electronic information resources Access control.
language English
format eBook
author Harkins, Malcolm,
spellingShingle Harkins, Malcolm,
Managing risk and information security : protect to enable /
Intro -- Contents at a Glance -- Contents -- Foreword -- Praise for the second edition of Managing Risk and Information Security -- About the Author -- Acknowledgments -- Preface -- Chapter 1: Introduction -- Protect to Enable® -- Building Trust -- Keeping the Company Legal: The Regulatory Flood -- Privacy: Protecting Personal Information -- Personalization vs. Privacy -- Financial Regulations -- E-Discovery -- Expanding Scope of Regulation -- The Rapid Proliferation of Information, Devices, and Things -- The Changing Threat Landscape -- Stealthy Malware -- Nine Irrefutable Laws of Information Risk -- A New Approach to Managing Risk -- Chapter 2: The Misperception of Risk -- The Subjectivity of Risk Perception -- How Employees Misperceive Risk -- The Lure of the Shiny Bauble -- How Security Professionals Misperceive Risk -- Security and Privacy -- How Decision Makers Misperceive Risk -- How to Mitigate the Misperception of Risk -- Uncovering New Perspectives During Risk Assessments -- Communication Is Essential -- Building Credibility -- Chapter 3: Governance and Internal Partnerships: How to Sense, Interpret, and Act on Risk -- Information Risk Governance -- Finding the Right Governance Structure -- Building Internal Partnerships -- Legal -- Privacy -- Litigation -- Intellectual Property -- Contracts -- Financial Compliance -- Legal Specialists Within Business Groups -- Human Resources -- Setting Employee Expectations in Security Policies -- Employee Communications -- Investigations -- Finance -- Sarbanes-Oxley Compliance -- Working with Business Groups -- Internal Audit -- Corporate Risk Management -- Privacy -- Corporate Security -- Business Group Managers -- Conclusion -- Chapter 4: External Partnerships: The Power of Sharing Information -- The Value of External Partnerships -- External Partnerships: Types and Tiers -- 1:1 Partnerships.
Communities -- Community Characteristics -- Community Goals -- Sharing Information about Threats and Vulnerabilities -- Sharing Best Practices and Benchmarking -- Influencing Regulations and Standards -- Corporate Citizenship -- Conclusion -- Chapter 5: People Are the Perimeter -- The Shifting Perimeter -- Compliance or Commitment? -- Examining the Risks -- Adjusting Behavior -- A Model for Improving Security Awareness -- Broadening the Awareness Model -- The Security Benefits of Personal Use -- Roundabouts and Stop Signs -- The Technology Professional -- Insider Threats -- Deter -- Detect -- Discipline -- Finding the Balance -- Chapter 6: Emerging Threats and Vulnerabilities: Reality and Rhetoric -- Structured Methods for Identifying Threat Trends -- The Product Life Cycle Model -- Understanding Threat Agents -- Playing War Games -- Trends That Span the Threat Landscape -- Trust Is an Attack Surface -- Barriers to Entry Are Crumbling -- The Rise of Edge Case Insecurity -- The Enemy Knows the System -- Key Threat Activity Areas -- The Industry of Malware -- The Web Expands to the Internet of Things -- Smartphones -- Web Applications -- Conclusion -- Chapter 7: A New Security Architecture to Improve Business Agility -- The 9 Box of Controls, Business Trends, and Architecture Requirements -- 9 Box of Controls -- IT Consumerization -- New Business Needs -- Cloud Computing -- Changing Threat Landscape -- Privacy and Regulatory Requirements -- New Architecture -- Trust Calculation -- Source Score -- Destination Score -- Available Controls -- Calculating Trust -- Security Zones -- Untrusted Zones -- Selective Zones -- Trusted Zones -- Balanced Controls -- Users, Data, and the Internet of Things: The New Perimeters -- Data Perimeter -- User Perimeter -- Internet of Things -- Conclusion -- Chapter 8: Looking to the Future: Emerging Security Capabilities.
Internet of Things -- Consistent User Experience Across Devices -- Cloud Computing -- Big Data Analytics -- Artificial Intelligence -- Business Benefits and Risks -- New Security Capabilities -- Baseline Security -- Protected Environments -- Encryption -- Hardware Acceleration -- Enhanced Recovery -- AI-Based Security and Automation -- Context-Aware Security -- Cloud Security and Context Awareness -- Security Analytics and Data Protection -- Conclusion -- Chapter 9: Corporate Social Responsibility: The Ethics of Managing Information Risk -- The Expanding Scope of Corporate Social Responsibility -- The Evolution of Technology and Its Impact -- Maintaining Society's Trust -- The Ethics of Managing Information Risk -- Conclusion -- Chapter 10: The 21st Century CISO -- Chief Trust Officer -- The Z-Shaped Individual -- Foundational Skills -- Becoming a Storyteller -- Fear Is Junk Food -- Accentuating the Positive -- Demonstrating the Reality of Risk -- The CISO's Sixth Sense -- Taking Action at the Speed of Trust -- The CISO as a Leader -- Learning from Other Business Leaders -- Voicing Our Values -- Discussing Information Risk at Board Level -- Conclusion -- Chapter 11: Performance Coaching -- How to Use the Tables -- Independence and Initiative -- Efficiency and Effectiveness -- Commitment -- Professionalism -- Discipline -- Teamwork -- Problem-Solving -- Communication -- Listening -- Style -- Clarity -- Goal-Setting -- Conclusion -- Appendix A -- Index.
author_facet Harkins, Malcolm,
author_variant m h mh
author_role VerfasserIn
author_sort Harkins, Malcolm,
title Managing risk and information security : protect to enable /
title_sub protect to enable /
title_full Managing risk and information security : protect to enable / Malcolm W Harkins.
title_fullStr Managing risk and information security : protect to enable / Malcolm W Harkins.
title_full_unstemmed Managing risk and information security : protect to enable / Malcolm W Harkins.
title_auth Managing risk and information security : protect to enable /
title_new Managing risk and information security :
title_sort managing risk and information security : protect to enable /
publisher Apress Open,
publishDate 2016
physical 1 online resource (1 volume) : illustrations
edition Second edition.
contents Intro -- Contents at a Glance -- Contents -- Foreword -- Praise for the second edition of Managing Risk and Information Security -- About the Author -- Acknowledgments -- Preface -- Chapter 1: Introduction -- Protect to Enable® -- Building Trust -- Keeping the Company Legal: The Regulatory Flood -- Privacy: Protecting Personal Information -- Personalization vs. Privacy -- Financial Regulations -- E-Discovery -- Expanding Scope of Regulation -- The Rapid Proliferation of Information, Devices, and Things -- The Changing Threat Landscape -- Stealthy Malware -- Nine Irrefutable Laws of Information Risk -- A New Approach to Managing Risk -- Chapter 2: The Misperception of Risk -- The Subjectivity of Risk Perception -- How Employees Misperceive Risk -- The Lure of the Shiny Bauble -- How Security Professionals Misperceive Risk -- Security and Privacy -- How Decision Makers Misperceive Risk -- How to Mitigate the Misperception of Risk -- Uncovering New Perspectives During Risk Assessments -- Communication Is Essential -- Building Credibility -- Chapter 3: Governance and Internal Partnerships: How to Sense, Interpret, and Act on Risk -- Information Risk Governance -- Finding the Right Governance Structure -- Building Internal Partnerships -- Legal -- Privacy -- Litigation -- Intellectual Property -- Contracts -- Financial Compliance -- Legal Specialists Within Business Groups -- Human Resources -- Setting Employee Expectations in Security Policies -- Employee Communications -- Investigations -- Finance -- Sarbanes-Oxley Compliance -- Working with Business Groups -- Internal Audit -- Corporate Risk Management -- Privacy -- Corporate Security -- Business Group Managers -- Conclusion -- Chapter 4: External Partnerships: The Power of Sharing Information -- The Value of External Partnerships -- External Partnerships: Types and Tiers -- 1:1 Partnerships.
Communities -- Community Characteristics -- Community Goals -- Sharing Information about Threats and Vulnerabilities -- Sharing Best Practices and Benchmarking -- Influencing Regulations and Standards -- Corporate Citizenship -- Conclusion -- Chapter 5: People Are the Perimeter -- The Shifting Perimeter -- Compliance or Commitment? -- Examining the Risks -- Adjusting Behavior -- A Model for Improving Security Awareness -- Broadening the Awareness Model -- The Security Benefits of Personal Use -- Roundabouts and Stop Signs -- The Technology Professional -- Insider Threats -- Deter -- Detect -- Discipline -- Finding the Balance -- Chapter 6: Emerging Threats and Vulnerabilities: Reality and Rhetoric -- Structured Methods for Identifying Threat Trends -- The Product Life Cycle Model -- Understanding Threat Agents -- Playing War Games -- Trends That Span the Threat Landscape -- Trust Is an Attack Surface -- Barriers to Entry Are Crumbling -- The Rise of Edge Case Insecurity -- The Enemy Knows the System -- Key Threat Activity Areas -- The Industry of Malware -- The Web Expands to the Internet of Things -- Smartphones -- Web Applications -- Conclusion -- Chapter 7: A New Security Architecture to Improve Business Agility -- The 9 Box of Controls, Business Trends, and Architecture Requirements -- 9 Box of Controls -- IT Consumerization -- New Business Needs -- Cloud Computing -- Changing Threat Landscape -- Privacy and Regulatory Requirements -- New Architecture -- Trust Calculation -- Source Score -- Destination Score -- Available Controls -- Calculating Trust -- Security Zones -- Untrusted Zones -- Selective Zones -- Trusted Zones -- Balanced Controls -- Users, Data, and the Internet of Things: The New Perimeters -- Data Perimeter -- User Perimeter -- Internet of Things -- Conclusion -- Chapter 8: Looking to the Future: Emerging Security Capabilities.
Internet of Things -- Consistent User Experience Across Devices -- Cloud Computing -- Big Data Analytics -- Artificial Intelligence -- Business Benefits and Risks -- New Security Capabilities -- Baseline Security -- Protected Environments -- Encryption -- Hardware Acceleration -- Enhanced Recovery -- AI-Based Security and Automation -- Context-Aware Security -- Cloud Security and Context Awareness -- Security Analytics and Data Protection -- Conclusion -- Chapter 9: Corporate Social Responsibility: The Ethics of Managing Information Risk -- The Expanding Scope of Corporate Social Responsibility -- The Evolution of Technology and Its Impact -- Maintaining Society's Trust -- The Ethics of Managing Information Risk -- Conclusion -- Chapter 10: The 21st Century CISO -- Chief Trust Officer -- The Z-Shaped Individual -- Foundational Skills -- Becoming a Storyteller -- Fear Is Junk Food -- Accentuating the Positive -- Demonstrating the Reality of Risk -- The CISO's Sixth Sense -- Taking Action at the Speed of Trust -- The CISO as a Leader -- Learning from Other Business Leaders -- Voicing Our Values -- Discussing Information Risk at Board Level -- Conclusion -- Chapter 11: Performance Coaching -- How to Use the Tables -- Independence and Initiative -- Efficiency and Effectiveness -- Commitment -- Professionalism -- Discipline -- Teamwork -- Problem-Solving -- Communication -- Listening -- Style -- Clarity -- Goal-Setting -- Conclusion -- Appendix A -- Index.
isbn 1-4842-1456-0
callnumber-first Q - Science
callnumber-subject QA - Mathematics
callnumber-label QA76
callnumber-sort QA 276.9 A25
illustrated Illustrated
dewey-hundreds 000 - Computer science, information & general works
dewey-tens 000 - Computer science, knowledge & systems
dewey-ones 005 - Computer programming, programs & data
dewey-full 005.8
dewey-sort 15.8
dewey-raw 005.8
dewey-search 005.8
oclc_num 958879520
1066183556
work_keys_str_mv AT harkinsmalcolm managingriskandinformationsecurityprotecttoenable
status_str n
ids_txt_mv (CKB)4340000000014851
(Safari)9781484214558
(OCoLC)958879520
(MiAaPQ)EBC5575803
(Au-PeEL)EBL5575803
(OCoLC)1066183556
(MiAaPQ)EBC6422848
(EXLCZ)994340000000014851
carrierType_str_mv cr
is_hierarchy_title Managing risk and information security : protect to enable /
_version_ 1796653186434465792
fullrecord <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>06723nam a2200433Ia 4500</leader><controlfield tag="001">993602791104498</controlfield><controlfield tag="005">20220204050450.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr#unu||||||||</controlfield><controlfield tag="008">160921s2016 xx a ob 001 0 eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1-4842-1456-0</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(CKB)4340000000014851</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Safari)9781484214558</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)958879520</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)EBC5575803</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Au-PeEL)EBL5575803</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1066183556</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)EBC6422848</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(EXLCZ)994340000000014851</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">UMI</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">UMI</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="082" ind1="0" ind2="0"><subfield code="a">005.8</subfield><subfield code="2">23</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Harkins, Malcolm,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Managing risk and information security :</subfield><subfield code="b">protect to enable /</subfield><subfield code="c">Malcolm W Harkins.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">Second edition.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">[Place of publication not identified] :</subfield><subfield code="b">Apress Open,</subfield><subfield code="c">[2016]</subfield></datafield><datafield tag="264" ind1=" " ind2="2"><subfield code="a">New York, NY :</subfield><subfield code="b">Distributed to the book trade worldwide by Springer Science+Business Media New York</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2016</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (1 volume) :</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="588" ind1=" " ind2=" "><subfield code="a">Description based on online resource; title from cover (Safari, viewed September 19, 2016).</subfield></datafield><datafield tag="504" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references and index.</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Intro -- Contents at a Glance -- Contents -- Foreword -- Praise for the second edition of Managing Risk and Information Security -- About the Author -- Acknowledgments -- Preface -- Chapter 1: Introduction -- Protect to Enable® -- Building Trust -- Keeping the Company Legal: The Regulatory Flood -- Privacy: Protecting Personal Information -- Personalization vs. Privacy -- Financial Regulations -- E-Discovery -- Expanding Scope of Regulation -- The Rapid Proliferation of Information, Devices, and Things -- The Changing Threat Landscape -- Stealthy Malware -- Nine Irrefutable Laws of Information Risk -- A New Approach to Managing Risk -- Chapter 2: The Misperception of Risk -- The Subjectivity of Risk Perception -- How Employees Misperceive Risk -- The Lure of the Shiny Bauble -- How Security Professionals Misperceive Risk -- Security and Privacy -- How Decision Makers Misperceive Risk -- How to Mitigate the Misperception of Risk -- Uncovering New Perspectives During Risk Assessments -- Communication Is Essential -- Building Credibility -- Chapter 3: Governance and Internal Partnerships: How to Sense, Interpret, and Act on Risk -- Information Risk Governance -- Finding the Right Governance Structure -- Building Internal Partnerships -- Legal -- Privacy -- Litigation -- Intellectual Property -- Contracts -- Financial Compliance -- Legal Specialists Within Business Groups -- Human Resources -- Setting Employee Expectations in Security Policies -- Employee Communications -- Investigations -- Finance -- Sarbanes-Oxley Compliance -- Working with Business Groups -- Internal Audit -- Corporate Risk Management -- Privacy -- Corporate Security -- Business Group Managers -- Conclusion -- Chapter 4: External Partnerships: The Power of Sharing Information -- The Value of External Partnerships -- External Partnerships: Types and Tiers -- 1:1 Partnerships.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Communities -- Community Characteristics -- Community Goals -- Sharing Information about Threats and Vulnerabilities -- Sharing Best Practices and Benchmarking -- Influencing Regulations and Standards -- Corporate Citizenship -- Conclusion -- Chapter 5: People Are the Perimeter -- The Shifting Perimeter -- Compliance or Commitment? -- Examining the Risks -- Adjusting Behavior -- A Model for Improving Security Awareness -- Broadening the Awareness Model -- The Security Benefits of Personal Use -- Roundabouts and Stop Signs -- The Technology Professional -- Insider Threats -- Deter -- Detect -- Discipline -- Finding the Balance -- Chapter 6: Emerging Threats and Vulnerabilities: Reality and Rhetoric -- Structured Methods for Identifying Threat Trends -- The Product Life Cycle Model -- Understanding Threat Agents -- Playing War Games -- Trends That Span the Threat Landscape -- Trust Is an Attack Surface -- Barriers to Entry Are Crumbling -- The Rise of Edge Case Insecurity -- The Enemy Knows the System -- Key Threat Activity Areas -- The Industry of Malware -- The Web Expands to the Internet of Things -- Smartphones -- Web Applications -- Conclusion -- Chapter 7: A New Security Architecture to Improve Business Agility -- The 9 Box of Controls, Business Trends, and Architecture Requirements -- 9 Box of Controls -- IT Consumerization -- New Business Needs -- Cloud Computing -- Changing Threat Landscape -- Privacy and Regulatory Requirements -- New Architecture -- Trust Calculation -- Source Score -- Destination Score -- Available Controls -- Calculating Trust -- Security Zones -- Untrusted Zones -- Selective Zones -- Trusted Zones -- Balanced Controls -- Users, Data, and the Internet of Things: The New Perimeters -- Data Perimeter -- User Perimeter -- Internet of Things -- Conclusion -- Chapter 8: Looking to the Future: Emerging Security Capabilities.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Internet of Things -- Consistent User Experience Across Devices -- Cloud Computing -- Big Data Analytics -- Artificial Intelligence -- Business Benefits and Risks -- New Security Capabilities -- Baseline Security -- Protected Environments -- Encryption -- Hardware Acceleration -- Enhanced Recovery -- AI-Based Security and Automation -- Context-Aware Security -- Cloud Security and Context Awareness -- Security Analytics and Data Protection -- Conclusion -- Chapter 9: Corporate Social Responsibility: The Ethics of Managing Information Risk -- The Expanding Scope of Corporate Social Responsibility -- The Evolution of Technology and Its Impact -- Maintaining Society's Trust -- The Ethics of Managing Information Risk -- Conclusion -- Chapter 10: The 21st Century CISO -- Chief Trust Officer -- The Z-Shaped Individual -- Foundational Skills -- Becoming a Storyteller -- Fear Is Junk Food -- Accentuating the Positive -- Demonstrating the Reality of Risk -- The CISO's Sixth Sense -- Taking Action at the Speed of Trust -- The CISO as a Leader -- Learning from Other Business Leaders -- Voicing Our Values -- Discussing Information Risk at Board Level -- Conclusion -- Chapter 11: Performance Coaching -- How to Use the Tables -- Independence and Initiative -- Efficiency and Effectiveness -- Commitment -- Professionalism -- Discipline -- Teamwork -- Problem-Solving -- Communication -- Listening -- Style -- Clarity -- Goal-Setting -- Conclusion -- Appendix A -- Index.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Electronic information resources</subfield><subfield code="x">Access control.</subfield></datafield><datafield tag="906" ind1=" " ind2=" "><subfield code="a">BOOK</subfield></datafield><datafield tag="ADM" ind1=" " ind2=" "><subfield code="b">2023-06-09 01:04:01 Europe/Vienna</subfield><subfield code="f">System</subfield><subfield code="c">marc21</subfield><subfield code="a">2016-11-05 18:53:58 Europe/Vienna</subfield><subfield code="g">false</subfield></datafield><datafield tag="AVE" ind1=" " ind2=" "><subfield code="i">DOAB Directory of Open Access Books</subfield><subfield code="P">DOAB Directory of Open Access Books</subfield><subfield code="x">https://eu02.alma.exlibrisgroup.com/view/uresolver/43ACC_OEAW/openurl?u.ignore_date_coverage=true&amp;portfolio_pid=5345705940004498&amp;Force_direct=true</subfield><subfield code="Z">5345705940004498</subfield><subfield code="b">Available</subfield><subfield code="8">5345705940004498</subfield></datafield></record></collection>

Similar Items