Building an Information Security Awareness Program - Mark B. Desman

Building an Information Security Awareness Program

(Autor)

Buch | Hardcover
268 Seiten
2017
CRC Press (Verlag)
978-1-138-43698-5 (ISBN)
199,50 inkl. MwSt
Takes readers through developing, distributing, and monitoring an information security awareness program. This book includes instructions on communicating the message and describes how to efficiently use outside sources to optimize the impact of a small staff.
In his latest book, a pre-eminent information security pundit confessed that he was wrong about the solutions to the problem of information security. It's not technology that's the solution, but the human factor-people. But even infosec policies and procedures are insufficient if employees don't know about them, or why they're important, or what can happen to them if they ignore them. The key, of course, is continuous awareness of the problems and the solutions.
Building an Information Security Awareness Program addresses these concerns. A reference and self-study guide, it goes step-by-step through the methodology for developing, distributing, and monitoring an information security awareness program. It includes detailed instructions on determining what media to use and where to locate it, and it describes how to efficiently use outside sources to optimize the output of a small staff. The author stresses the importance of security and the entire organizations' role and responsibility in protecting it. He presents the material in a fashion that makes it easy for nontechnical staff members to grasp the concepts. These attributes render Building an Information Security Awareness Program an immensely valuable reference in the arsenal of the IS professional.

Mark B. Desman

GETTING STARTED. Reviewing the Provisions the Company Now Has in Place. Learning the Players-Where the Power Resides. Learning the Corporate Culture-What Can Work Here, What Cannot. Obtaining Management Buyoff-How to Present the Case. Finding Communications Vehicles Currently in Place. ESTABLISHING A BASELINE. Review All Company Polices, Procedures, Standards, Guidelines That Even Remotely Address Information Security Issues. Identifying What Can Be Updated. Identify Documentation Needed. Prepare Documentation. Prepare Forms. Obtain Management Support for Documents-The Seal of Approval. Distribution. COMMUNICATIONS. The Media Available Through the Company. New Technology. Class or Presentation Design. Inclusion of HR Based Communications. Leveraging Resources. Locating Additional Resources. Placing Your Shots-Getting the Most Bang for Your Buck. EVALUATION. Demonstrating the Effectiveness of Your Program. Refreshing Staff Knowledge and Agreements. Use Statistics-Sparingly but Pointedly. Getting Third Party Input. Leveraging Internal Audit. Keeping Up with the Joneses-What Is Happening in the Industry.Updating the Program to Address Changing Needs.

Erscheinungsdatum
Verlagsort London
Sprache englisch
Maße 178 x 254 mm
Gewicht 660 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
Wirtschaft Volkswirtschaftslehre
ISBN-10 1-138-43698-4 / 1138436984
ISBN-13 978-1-138-43698-5 / 9781138436985
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00