Security Strategy: From Requirements to Reality

Front Cover
CRC Press, Oct 13, 2010 - Business & Economics - 346 pages
Addressing the diminished understanding of the value of security on the executive side and a lack of good business processes on the security side, Security Strategy: From Requirements to Reality explains how to select, develop, and deploy the security strategy best suited to your organization. It clarifies the purpose and place of strategy in an in
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Section I STRATEGY
1
An Introduction
3
Chapter 2 Getting to the Big Picture
17
Chapter 3 Testing the Consumer
41
Chapter 4 Strategic Framework Inputs to Strategic Planning
53
Chapter 5 Developing a Strategic Planning Process
73
Chapter 6 Gates Geeks and Guards Security Convergence
91
Section II TACTICS
101
Chapter 10 Trust but Verify Accountability
169
Chapter 11 SDL and Incident Response
189
Chapter 12 Keep Your Enemies Closer
225
Chapter 13 Hire a Hessian Outsourcing
253
Chapter 14 Security Awareness Training
275
References
295
Appendix
303
Index
313

An Introduction
103
Chapter 8 Layer upon Layer Defense in Depth
119
Chapter 9 Did You See That Observation
143
Back cover
323
Copyright

Other editions - View all

Common terms and phrases

About the author (2010)

WilliamBill Stackpole, CISSP/ISSAP, CISM, former Principal Security Architect for Microsoft Online Services, has more than 25 years of IT experience in security and project management. In his past position, Bill provided thought leadership and guidance for Microsoft's Secure Online Services Delivery Architecture. Before joining Microsoft, Bill was a principal consultant for Predictive System, an international network consultancy where he was the architect and promoted the application security business. Bill holds a B.S. degree in Management Information Systems, a CISSP with an Architecture Professional endorsement. He is co-author of Software Deployment,Updating, and Patching (Auerbach, 2007) and a contributing editor to Auerbach's Handbook on Information Security Management (Krause and Tipton). Bill is a former chair for the CISSP Test Development Committee and a current member of the (ISC)2 Common Body of Knowledge committees for the CISSP and ISSAP certifications.

Eric Oksendahl, former Security Strategist for Boeing, has more than 25 years of experience as a business management consultant, senior facilitator, teacher, and program manager. At Boeing, Eric facilitated strategy development and implementation for the Security and Fire Protection division, including physical and information security. He designed and coordinated the use of strategy development and initiative deployment to integrate security practices into key business processes (e.g., international sales campaigns). Prior to that, Eric was a program manager at the Boeing Leadership Center where he conducted leadership development courses around the world that included Boeing management, supplier management, and customer management. Eric holds a B.A. from Montana State University and an M.A. in Communications from the University of Washington.

Bibliographic information