Managing Information Security Risks : the OCTAVESM Approach /

Information security requires far more than the latest tool or technology. Organizations must understand exactly what they are trying to protect--and why--before selecting specific solutions. Security issues are complex and often are rooted in organizational and business concerns. A careful evaluati...

Descripción completa

Detalles Bibliográficos
Autores principales: Alberts, Christopher (Autor), Dorofee, Audrey (Autor)
Autor Corporativo: Safari, an O'Reilly Media Company
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Addison-Wesley Professional, 2002.
Edición:1st edition.
Temas:
Information technology > Security measures.
Computer security > Management.
Computer networks > Security measures.
Data protection.
Technologie de l'information > Sécurité > Mesures.
Sécurité informatique > Gestion.
Réseaux d'ordinateurs > Sécurité > Mesures.
Protection de l'information (Informatique)
Computer networks > Security measures
Computer security > Management
Data protection
Information technology > Security measures
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Descripción
Sumario:Information security requires far more than the latest tool or technology. Organizations must understand exactly what they are trying to protect--and why--before selecting specific solutions. Security issues are complex and often are rooted in organizational and business concerns. A careful evaluation of security needs and risks in this broader context must precede any security implementation to insure that all the relevant, underlying problems are first uncovered. The OCTAVE approach for self-directed security evaluations was developed at the influential CERT(R) Coordination Center. This approach is designed to help you: Identify and rank key information assets Weigh threats to those assets Analyze vulnerabilities involving both technology and practices OCTAVE(SM) enables any organization to develop security priorities based on the organization's particular business concerns. The approach provides a coherent framework for aligning security actions with overall objectives. Managing Information Security Risks, written by the developers of OCTAVE, is the complete and authoritative guide to its principles and implementations. The book: Provides a systematic way to evaluate and manage information security risks Illustrates the implementation of self-directed evaluations Shows how to tailor evaluation methods to different types of organizations Special features of the book include: A running example to illustrate important concepts and techniques A convenient set of evaluation worksheets A catalog of best practices to which organizations can compare their own 0321118863B05172002.
Descripción Física:1 online resource (512 pages)

Ejemplares similares