|
 |
|
 |
 |
Principles and Practice of Information Security
|
by Linda Volonino and Stephen R. Robinson
Sales Rank: 532016
|
List Price: $108.00
$97.20
At Amazon
|
|
Paperback: 256 pages
Publisher: Prentice Hall; United States Ed edition September 12, 2003
Language: English
ISBN-10: 0131840274
ISBN-13: 978-0131840270
Product Dimensions:
9.1 x 7.3 x 0.7 inches
Shipping Weight: 12.8 ounces
Product Description
This book provides professionals with the necessary managerial, technical, and legal background to support investment decisions in security technology. It discusses security from the perspective of hackers (i.e., technology issues and defenses) and lawyers (i.e., legal issues and defenses). This cross-disciplinary book is designed to help users quickly become current on what has become a fundamental business issue. This book covers the entire range of best security practices—obtaining senior management commitment, defining information security goals and policies, transforming those goals into a strategy for monitoring intrusions and compliance, and understanding legal implications. Topics also include computer crime, electronic evidence, cyber terrorism, and computer forensics. For professionals in information systems, financial accounting, human resources, health care, legal policy, and law. Because neither technical nor legal expertise is necessary to understand the concepts and issues presented, this book can be required reading for everyone as part of an enterprise-wide computer security awareness program.
Back Cover Copy
This book provides professionals with the necessary managerial, technical, and legal background to support investment decisions in security technology. It discusses security from the perspective of hackers (i.e., technology issues and defenses) and lawyers (i.e., legal issues and defenses). This cross-disciplinary book is designed to help users quickly become current on what has become a fundamental business issue. This book covers the entire range of best security practicesobtaining senior management commitment, defining information security goals and policies, transforming those goals into a strategy for monitoring intrusions and compliance, and understanding legal implications. Topics also include computer crime, electronic evidence, cyber terrorism, and computer forensics. For professionals in information systems, financial accounting, human resources, health care, legal policy, and law. Because neither technical nor legal expertise is necessary to understand the concepts and issues presented, this book can be required reading for everyone as part of an enterprise-wide computer security awareness program.
Customer Reviews & Comments
This book is short (good!) and full of information. The coverage seems very complete. The authors are careful not to get too involved in the details of the technology (also good, since said details will be obsolete in a year). Instead they explain what security issues are significant, what the associated risks are, and what kind of cost effective responses are available. The emphasis throughout is on cost-effective responses: perfection is unaffordable, but not having a security policy is unacceptable. Volonino and Robinson focus on striking a middle ground. I also liked their top down approach to IT security: 1) get high level commitment 2) lay out appropriate policies (& make sure everyone has signed off) 3) develop corresponding procedures 4) then, decide what mix of hardware, software, & network tools best implement those procedures. This starts with the people (most security problems can be traced back to human err) and avoids "vendor-driven security", which is seldom optimal for a specific situation. My favorite factoid from the book is that the quality of the security at a company is directly proportional to the rank of the chief security officer, i.e. to how seriously the company takes security. All in all, "Principles and Practice of Information Security" is a very good place to start if you want to get a handle on IT security. And I think it will also function well as a way to review how balanced and thorough your existing security plans are.
Comment | Permalink |
(Report this)
|
Principles and Practice of Information Security
List Price: $108.00
Available from Amazon
Price: $97.20
| |
|
|
|
|
