
Summary
Organizations today commit ever-increasing resources to information security, but are scarcely more secure than they were four or five years ago! By treating information security like an ordinary technological practice (that is, by throwing money, a handful of the latest technologies, and a lineup of gurus at the problem), they invariably wind up with expensive, but deeply flawed, solutions. The only way out of this trap is to change one's way of thinking about security: to grasp the reasoning, philosophy, and logic that underlie all successful security efforts.
In Inside the Security Mind: Making the Tough Decisions, security expert Kevin Day teaches you how to approach information security the way the top gurus do: as an art, rather than a collection of technologies. By applying this discipline, your solutions will be more secure and less burdensome in time, expense, and effort. The first part of the book explains the practice of breaking security decisions down into a set of simple rules. These rules may then be applied to make solid security decisions in almost any environment. In the second part, Day uses a series of practical examples to illustrate exactly how the discipline works in practice. Additional material covers:
- Designing an enterprise security plan, including perimeter/firewall and internal defenses, application, system, and hardware security
- Ongoing security measures: recurring audits, vulnerability maintenance, logging and monitoring, and incident response, plus risk assessment
- Choosing between open source and proprietary solutions; and wired, wireless, and virtual private networks
This book is essential reading for anyone working to keep information secure. Technical and non-technical IT professionals alike can apply Day's concepts and strategies to become security gurus, while seasoned practitioners will benefit from the unique and effective presentation of the essential security practices.
Contents
- Introduction
- A New Look at Information Security
- The Four Virtues of Security
- The Eight Rules of Security
- Developing a Higher Security Mind
- Making Security Decisions
- Know Thy Enemy and Know Thyself
- Practical Security Assessments
- The Security Staff
- Modern Considerations
- The Rules in Practice
- Going Forward
- Appendix A. Tips on Keeping Up-To-Date
- Appendix B. Ideas for Training
- Appendix C. Additional Recommended Audit Practices
- Appendix D. Recommended Reading
- Appendix E. The Hidden Statistics of Information Security
About the author - Kevin Day
KEVIN DAY is a CISSP and has worked as the lead security engineer and security practice manager for a major East Coast consulting firm. In these positions, Day worked on a series of high-profile projects for Fortune 500 companies and government organizations. He is the founder of the Relational Security Corporation and currently heads up a joint venture developing new tools and methodologies for security risk assessment and auditing.
Technical specifications
PAPER | |
Publisher(s) | Prentice Hall |
Author(s) | Kevin Day |
Publication date | 07/03/2003 |
Number of pages | 330 |
Format | 17,5 x 23,3 |
Cover | Paperback |
Weight | 627g |
Interior | Black and white |
EAN13 | 9780131118294 |
ISBN13 | 978-0-13-111829-4 |