Manager's guide to enterprise security risk management : essentials of risk-based security.
Is security management changing so fast that you can't keep up? Perhaps it seems like those traditional "best practices" in security no longer work? One answer might be that you need better best practices! In their new book, The Manager's Guide to Enterprise Security Risk Managem...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Rothstein Publishing,
2016.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Title page; Copyright; Table of Contents; Part 1: What Is Enterprise Security Risk Management (ESRM) and How Can It Help You?; Chapter 1: What is Enterprise Security Risk Management (ESRM)?; 1.1 ESRM Defined; 1.1.1 Enterprise; 1.1.2 Security Risk; 1.1.3 Risk Principles; 1.2 How is ESRM Different from Traditional Security?The description; 1.2.1 Traditional Corporate Security Scenarios: Something is Missing; 1.3 What is ESRM? − A Closer Look; 1.3.1 The Phases of the ESRM Life Cycle; 1.3.2 Managing Risk in a Life Cycle; 1.4 What ESRM Is
- and What It Is Not; 1.4.1 ESRM Mission and Goals
- 1.4.1.1 Enterprise Risk Management: A Brief Overview 1.4.2 ESRM vs. Security Organization Convergence; Chapter 2: Why Does the Security Industry Need ESRM?; 2.1 Why Does the Traditional Approach to Security Frustrate So Many People?; 2.1.1 The Missing Network Switch: A Story of Security Frustration in a TraditionalSecurity Environment; 2.1.2 The Missing Network Switch: A Story of Security Partnership in an ESRMSecurity Environment; 2.1.3 The Missing Network Switch: Lessons Learned and the ESRM Difference; 2.2 What Do We Mean by "Traditional" Security vs. ESRM?
- 2.2.1 What Does Security Do? The Traditional View2.2.1.1 The Answer from the Security Practitioner; 2.2.1.2 The Answer from the Board of Directors and Senior Executives; 2.2.1.3 The Answer from Operational Personnel; 2.2.2 Why the Security Industry Needs to Define "Security"; 2.2.3 What Does Security Do? The ESRM View; 2.2.3.1 Managing Security Risks; 2.2.3.2 Basic Risk Principles; 2.3 The Security Professional and the Business Leader: Moving BeyondFrustration with One Another; 2.4 ESRM-Based Security: Moving from Task Management to Risk Management; 2.4.1 Task Management.
- 2.4.2 Risk Management2.5 The ESRM Solution: A New Philosophy; 2.5.1 Security Becomes Strategic; 2.5.2 Security Becomes a Business Function; 2.6 ESRM as a Path to Security Success; 2.6.1 What Does "Security Success" Look Like?; 2.6.1.1 Success Is Not Just Measured by Numbers; 2.6.1.2 In Security Success, Intangibles Are Important; 2.6.1.3 Your Answers Create Your Definition of "Success"; Part 2: Implementing an ESRM Program; Chapter 3: Preparing to Implement an ESRM Program; 3.1 Begin by Working to Understand the Business and Its Mission; 3.1.1 What Are the Insiders Saying?
- 3.1.2 What is the Business Saying About Itself?3.1.3 What Are Outsiders Saying?; 3.1.4 What Isn't Being Said?; 3.1.5 What Is the Environment the Enterprise Operates In?; 3.1.6 Who Are the Environmental Decision-Makers?; 3.2 Understanding Your Stakeholders − and Why They Matter; 3.2.1 What Is a Stakeholder?; 3.2.2 Why Should You Care About Stakeholders?; 3.2.3 What Is the Role of the Stakeholders in ESRM?; 3.2.4 Finding Your Stakeholders: A Closer Look; 3.2.5 Example 1: Customer Personal Data − Whose Asset Is It?; 3.2.6 Example 2: Customer Personal Data − Who Decides