Measuring and Managing Information Risk - Jack Freund, Jack Jones

Measuring and Managing Information Risk

A FAIR Approach

, (Autoren)

Buch | Softcover
408 Seiten
2014
Butterworth-Heinemann Inc (Verlag)
978-0-12-420231-3 (ISBN)
49,85 inkl. MwSt
Zu diesem Artikel existiert eine Nachauflage
Using the factor analysis of information risk (FAIR) methodology developed over ten years and adopted by corporations worldwide, Measuring and Managing Information Risk provides a proven and credible framework for understanding, measuring, and analyzing information risk of any size or complexity. Intended for organizations that need to either build a risk management program from the ground up or strengthen an existing one, this book provides a unique and fresh perspective on how to do a basic quantitative risk analysis. Covering such key areas as risk theory, risk calculation, scenario modeling, and communicating risk within the organization, Measuring and Managing Information Risk helps managers make better business decisions by understanding their organizational risk.

Dr. Jack Freund is a leading voice in cyber risk measurement and management. As VP, Head of Cyber Risk Methodology for BitSight, Jack has overall responsibility for the systemic development and application of frameworks, algorithms, and quantitative and qualitative methods to measure cyber risk. Previously, Jack was Director of Risk Science at quantitative risk management startup RiskLens and Director of Cyber Risk for TIAA. Jack holds a Ph.D. in Information Systems from Nova Southeastern University, a Masters in Telecommunication and Project Management, and a BS in CIS. Jack has been named a Senior Member of the IEEE and ACM, a Fellow of the IAPP and FAIR Institute, and a Distinguished Fellow of the ISSA. He is the 2020 recipient of the (ISC)2 Global Achievement Award, 2018 recipient of ISACA’s John W. Lainhart IV Common Body of Knowledge Award, and the FAIR Institute’s 2018 FAIR Champion Award. Jack Jones has worked in information security for over 35 years, serving as a CISO with three different companies, including a Fortune 100 company. His work was recognized in 2006 with the ISSA Excellence in the Field of Security Practices award, and in 2012 he received the CSO Compass award. As an Adjunct Professor at Carnegie Mellon University, he teaches in the CRO and CISO executive programs. Jones also created the Factor Analysis of Information Risk (FAIR) model, as well as the FAIR Controls Analytics Model (FAIR-CAM), since adopted as international standards. Jones is the Chief Risk Scientist at RiskLens and Chairman of the FAIR Institute, an award-winning global non-profit organization.

Chapter 1: Introduction

Chapter 2: Basic Risk Concepts

Chapter 3: The FAIR Risk Ontology

Chapter 4: FAIR Terminology

Chapter 5: Measurement

Chapter 6: Analysis Process

Chapter 7: Interpreting Results

Chapter 8: Risk Analysis Examples

Chapter 9: Thinking about Risk Scenarios Using FAIR

Chapter 10: Common Mistakes

Chapter 11: Controls

Chapter 12: Risk Management

Chapter 13: Information Security Metrics

Chapter 14: Implementing Risk Management

Verlagsort Woburn
Sprache englisch
Maße 191 x 235 mm
Gewicht 840 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
ISBN-10 0-12-420231-4 / 0124202314
ISBN-13 978-0-12-420231-3 / 9780124202313
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00