Addressing the diminished understanding of the value of security on the executive side and a lack of good business processes on the security side, Security Strategy: From Requirements to Reality explains how to select, develop, and deploy the security strategy best suited to your organization. It clarifies the purpose and place of strategy in an information security program and arms security managers and practitioners with a set of security tactics to support the implementation of strategic planning initiatives, goals, and objectives.
The book focuses on security strategy planning and execution to provide a clear and comprehensive look at the structures and tools needed to build a security program that enables and enhances business processes. It is divided into two parts: the first considers business strategy and the second details specific tactics. The information in both sections will help security practitioners and managers develop a viable synergy that will allow security to take its place as a valued partner and contributor to the success and profitability of the enterprise.
Confusing strategies and tactics all too often keeps organizations from properly implementing an effective information protection strategy. This versatile reference presents information in a way that makes it accessible and applicable to organizations of all sizes. Complete with checklists of the physical security requirements that organizations should consider when evaluating or designing facilities, it provides the tools and understanding to enable your company to achieve the operational efficiencies, cost reductions, and brand enhancements that are possible when an effective security strategy is put into action.
This book focuses on the process, objectives, and controls of security strategy. It consists of two sections: Strategy (6 chapters) and Tactics (8 chapters). The sections include strategy how-to's and security tactics, which support the realization of security. The strategy portion is aimed at executives, whereas the tactics portion is geared toward security professionals. The authors--both security veterans--share many personal anecdotes. They use relevant quotes and concisely illustrate their points. The book addresses security quality attributes promoted by the Architecture Tradeoff Analysis Method (ATAM) and used in the Sherwood Applied Business Security Architecture (SABSA) framework. --A. Marlen, Reviews.com
STRATEGY Strategy: An Introduction Strategic Planning Essentials Strategic Planning Process Evaluation Security Leadership Challenges Getting Started Other Challenges for Security and Strategic Planning When Strategic Planning Should Be Conducted Metaphor Analysis and Strategic Planning Creating a Security Culture Security Continuum (Moving toward a Security Culture) Getting to the Big Picture Background (Why Should Security Bother with Strategic Planning?) Menu of Strategic Planning Methods and Models Which Strategic Planning Tools? What Are Security Plan Essentials? (Analysis, Planning, and Implementation) When Should Strategic Planning Be Done? Six Keys to Successful Strategic Planning Myths about Strategic Planning Barriers to Strategic Planning Overcoming Negative Perceptions of Security Developing Strategic Thinking Skills Testing the Consumer Defining the Consumer Buckets Quick Customer Assessment Designing Customer Feedback Surveys Deploying a Survey Measuring Customer Satisfaction Results Integration of Consumer Data Strategic Framework (Inputs to Strategic Planning) Environmental Scan Regulations and Legal Environment Industry Standards Marketplace--Customer Base Organizational Culture National and International Requirements (Political and Economic) Competitive Intelligence Business Intelligence Technical Environment and Culture Business Drivers Additional Environmental Scan Resources Scenario Planning Futurist Consultant Services Blue Ocean Strategy versus Red Ocean Strategy Future (the Need to Be Forward Looking) Developing a Strategic Planning Process Process and Procedures Get Ready to Plan for a Plan Planning, Preparation, and Facilitation Building a Foundation for Strategy (High, Wide, and Deep) In the Beginning Implementation (a Bias toward Action and Learning) Feedback, Tracking, and Control Completion Best Strategies (Strategies That Work) Gates, Geeks, and Guards (Security Convergence) Benefits of Security Convergence Convergence Challenges Success Factors
TACTICS Tactics: An Introduction Tactical Framework Objectives Identification First Principles Layer upon Layer (Defense in Depth) Defense-in-Depth Objectives Identification Information Environments Threats Environmental Objectives Did You See That! (Observation) Observation Objectives Drivers and Benefits for Excellence in Observation Observation Challenges Success Factors and Lessons Learned Excellence in Observation Control Objectives Trust but Verify (Accountability) Unmatched Value of Accountability Comprehensive Accountability Challenges Best Uses for the Accountability Tactic Comprehensive Accountability Identity Objectives Comprehensive Accountability Audit Objectives SDL and Incident Response Application (SDL)2--Software as a Service Extensions (SaaS) Transition Objectives Rapid Response Keep Your Enemies Closer Hire a Hacker Objectives The Hire a Hacker Controversy Success Factors and Lessons Learned Control Objectives Hire a Hessian (Outsourcing) Security in the Outsourcing of IT Services Security in the Outsourcing of Security Services Outsourcing of Security Services Objectives Challenges to Outsourcing Security Services Success Factors and Lessons Learned Outsourcing Security Services Control Objectives Security Awareness Training Staff Development Training Security Awareness Training Awareness Training Drivers and Benefits Industry Training Trends and Best-Practices Examples Training Resources Awareness Training Challenges Success Factors and Lessons Learned How Do You Know if Your Training Is Successful? Appendix: Physical Security Checklists
Tertiary; University or College
Number Of Pages: 346
Published: 24th September 2010
Publisher: Taylor & Francis Ltd
Country of Publication: GB
Dimensions (cm): 24.77 x 17.15
Weight (kg): 0.64
Edition Number: 1