Contemporary Security Management

Author: John Fay

Publisher: Elsevier

ISBN: 9780123819512

Category: Business & Economics

Page: 480

Contemporary Security Management, Third Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: how to organize, plan, develop and manage a security operation; how to identify vulnerabilities; how to determine the protective resources required to offset threats; and how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructive relationships with organizational peers and company management.

* Comprehensive introduction to security and IT security management principles
* Discussion of both public and private sector roles, as well as the increasingly common privatizing of government functions
* New experience-based exercises to sharpen security management and strategic skills and reinforce the content of each chapter

Information Security Management Handbook on CD-ROM, 2006 Edition

Author: Micki Krause

Publisher: CRC Press

ISBN: 0849385857

Category: Computers

Page: 2036

The need for information security management has never been greater. With constantly changing technology, external intrusions, and internal thefts of data, information security officers face threats at every turn. The Information Security Management Handbook on CD-ROM, 2006 Edition is now available. Containing the complete contents of the Information Security Management Handbook, this is a resource that is portable, linked and searchable by keyword. In addition to an electronic version of the most comprehensive resource for information security management, this CD-ROM contains an extra volume's worth of information that is not found anywhere else, including chapters from other security and networking books that have never appeared in the print editions. Exportable text and hard copies are available at the click of a mouse. The Handbook's numerous authors present the ten domains of the Information Security Common Body of Knowledge (CBK)®. The CD-ROM serves as an everyday reference for information security practitioners and an important tool for anyone preparing for the Certified Information System Security Professional (CISSP)® examination.

New content in this edition:

* Sensitive/Critical Data Access Controls
* Role-Based Access Control
* Smartcards
* A Guide to Evaluating Tokens
* Identity Management-Benefits and Challenges
* An Examination of Firewall Architectures
* The Five "W's" and Designing a Secure Identity Based Self-Defending Network
* Maintaining Network Security-Availability via Intelligent Agents
* PBX Firewalls: Closing the Back Door
* Voice over WLAN
* Spam Wars: How to Deal with Junk E-Mail
* Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud
* The "Controls" Matrix
* Information Security Governance

Enterprise Security Risk Management

Concepts and Applications

Author: Brian Allen, Esq., CISSP, CISM, CPP, CFE; Rachelle Loyear, CISM, MBCP

Publisher: Rothstein Publishing

ISBN: 1944480420

Category: Business & Economics

Page: 407

As a security professional, have you found that you and others in your company do not always define “security” the same way? Perhaps security interests and business interests have become misaligned. Brian Allen and Rachelle Loyear offer a new approach: Enterprise Security Risk Management (ESRM). By viewing security through a risk management lens, ESRM can help make you and your security program successful. In their long-awaited book, based on years of practical experience and research, Brian Allen and Rachelle Loyear show you step-by-step how Enterprise Security Risk Management (ESRM) applies fundamental risk principles to manage all security risks. Whether the risks are informational, cyber, physical security, asset management, or business continuity, all are included in the holistic, all-encompassing ESRM approach which will move you from task-based to risk-based security.

How is ESRM familiar? As a security professional, you may already practice some of the components of ESRM. Many of the concepts – such as risk identification, risk transfer and acceptance, crisis management, and incident response – will be well known to you.

How is ESRM new? While many of the principles are familiar, the authors have identified few organizations that apply them in the comprehensive, holistic way that ESRM represents – and even fewer that communicate these principles effectively to key decision-makers.

How is ESRM practical? ESRM offers you a straightforward, realistic, actionable approach to deal effectively with all the distinct types of security risks facing you as a security practitioner. ESRM is performed in a life cycle of risk management including:

* Asset assessment and prioritization.
* Risk assessment and prioritization.
* Risk treatment (mitigation).
* Continuous improvement.

Throughout Enterprise Security Risk Management: Concepts and Applications, the authors give you the tools and materials that will help you advance in the security field, no matter if you are a student, a newcomer, or a seasoned professional. Included are realistic case studies, questions to help you assess your own security program, thought-provoking discussion questions, useful figures and tables, and references for your further reading. By redefining how everyone thinks about the role of security in the enterprise, your security organization can focus on working in partnership with business leaders and other key stakeholders to identify and mitigate security risks. As you begin to use ESRM, following the instructions in this book, you will experience greater personal and professional satisfaction as a security professional – and you’ll become a recognized and trusted partner in the business-critical effort of protecting your enterprise and all its assets.

Security Operations Management

Author: Robert McCrie

Publisher: Butterworth-Heinemann

ISBN: 0128026189

Category: Business & Economics

Page: 464

Security Operations Management, 3rd edition, is the latest edition of the seminal reference on corporate security management operations for today’s security management professionals and students. The book explores the characteristics of today’s globalized workplaces, why security has a key role within them, and what the greatest concerns are to security practitioners and senior managers. Incorporating the latest security research and best practices, updates to Security Operations Management 3rd edition include explorations of the key skills needed by security managers to demonstrate the value of their security program, greater emphasis on identifying and managing risk, and coverage of the latest technological advances in security control, command, communications, and computing. The third edition also delves more deeply than previous editions into online security training practices, as well as investigates the changing roles of women and minorities in security operations.

* Includes all-new cases and examples—including from outside the U.S.—providing coverage of both the business and technical aspects of security
* Offers increased coverage of cybercrime and workplace violence
* Explores the latest technological advances in security control, command, communications, and computing, and current techniques for how prospective security personnel are vetted, including how to use social media
* Prepares security professionals for professional certification exams

Introduction to Security

Author: Robert J. Fischer, Gion Green

Publisher: Elsevier

ISBN: 9780750698603

Category: Political Science

Page: 537

This sixth edition of Introduction to Security upholds the book's tradition of informing readers of contemporary security issues from security equipment and procedures to management and loss prevention theory. This new edition has been updated with the most current information available in the constantly changing security field. Introduction to Security, Sixth Edition introduces readers to the options used to deal with a variety of today's security dilemmas. Two important new chapters on workplace violence and drugs in the workplace have been added. Each chapter is followed up with essay and short-answer questions to challenge readers. This book continues to provide the most comprehensive coverage of security issues for the novice, while providing enough detail that experienced security managers will learn about current issues and changes in the profession.

Robert J. Fischer is a professor and Chairman of the Law Enforcement Administration Department at Western Illinois University, where he administers a program with more than 1000 undergraduate and 150 graduate students. He earned his Ph.D. in education administration from Southern Illinois University in 1981. Dr. Fischer has served as a consultant to many organizations, including publishers, private security firms, and retailers, and as a contract consultant on police training issues for the Illinois Local Government Police Training Board since 1989. Dr. Fischer is a member of the Academy of Criminal Justice Sciences, The Illinois Association of Criminal Justice Educators, and the American Society for Industrial Security.

* Retains the exceptional organization and coverage of the previous editions
* New chapter on Workplace Violence
* New chapter on Drugs in the Workplace

Effective Security Management

Author: Charles A. Sennewald

Publisher: N.A

ISBN: N.A

Category: Industries

Page: 385

The revision of Effective Security Management retains the excellent qualities which made the original editions a standard of the profession: a readable, comprehensive guide to the organization, staffing, and operation of the security function. Sennewald, a recognized leader in the field, applies modern management strategies to the concerns and problems facing every security manager. The focus of this book is not on abstract theories but rather on practical methods which can be used in managing an effective security department. The third edition is enhanced with the addition of an entire chapter devoted to computer security. This chapter explains many of the distinct applications that the personal computer can have in the administrative, managerial, and supervisorial aspects of the security function. Included are details of the development of microcomputers, their operation, benefits, and risks. Due to the complexity of this emerging technology, a glossary to explain certain technical terms is provided.

Charles A. (Chuck) Sennewald is an independent security management consultant and the author of numerous Butterworth-Heinemann titles: The Process of Investigation; Shoplifting; Security Consulting; and Effective Security Management. Mr. Sennewald is the founder and first president of the International Association of Professional Security Consultants and a member of ASIS and ASET.

* Includes a new chapter on Computer Security Management
* Retains the outstanding organization of the previous editions
* Recommended reading for the CPP exam

Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition

Author: Joel Scambray

Publisher: McGraw Hill Professional

ISBN: 9780071596695

Category: Computers

Page: 451

The latest Windows security attack and defense strategies

"Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell

Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to:

* Establish business relevance and context for security by highlighting real-world risks
* Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
* Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems
* Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
* Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services
* See up close how professional hackers reverse engineer and develop new Windows exploits
* Identify and eliminate rootkits, malware, and stealth software
* Fortify SQL Server against external and insider attacks
* Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
* Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization

Security Consulting

Author: Charles A. Sennewald

Publisher: Butterworth-Heinemann

ISBN: 012401674X

Category: Business & Economics

Page: 264

Since 9/11, business and industry have paid close attention to security within their own organizations. In fact, at no other time in modern history have business and industry been more concerned with security issues. A new concern for security measures to combat potential terrorism, sabotage, theft and disruption -- which could bring any business to its knees -- has swept the nation. This has opened up a huge opportunity for private investigators and security professionals as consultants. Many retiring law enforcement and security management professionals look to enter the private security consulting market. Security consulting often involves conducting in-depth security surveys so businesses will know exactly where security holes are present and where they need improvement to limit their exposure to various threats. The fourth edition of Security Consulting introduces security and law enforcement professionals to the career and business of security consulting. It provides new and potential consultants with the practical guidelines needed to start up and maintain a successful independent practice. Updated and expanded information is included on marketing, fees and expenses, forensic consulting, the use of computers, and the need for professional growth. Useful sample forms have been updated in addition to new promotion opportunities and keys to conducting research on the Web.

* The only book of its kind dedicated to beginning a security consulting practice from the ground up
* Proven, practical methods to establish and run a security consulting business
* New chapters dedicated to advice for new consultants, information security consulting, and utilizing the power of the Internet
* The most up-to-date best practices from the IAPSC

Principles of Information Security

Author: Michael E. Whitman, Herbert J. Mattord

Publisher: Cengage Learning EMEA

ISBN: 9781423901778

Category: Computers

Page: 598

Incorporating both the managerial and technical aspects of this discipline, the authors address knowledge areas of Certified Information Systems Security Professional certification throughout and include many examples of issues faced by today's businesses.

Information Technology Control and Audit, Third Edition

Author: Sandra Senft, Frederick Gallegos

Publisher: CRC Press

ISBN: 1439838607

Category: Computers

Page: 774

The headline-grabbing financial scandals of recent years have led to a great urgency regarding organizational governance and security. Information technology is the engine that runs modern organizations, and as such, it must be well-managed and controlled. Organizations and individuals are dependent on network environment technologies, increasing the importance of security and privacy. The field has answered this sense of urgency with advances that have improved the ability to both control the technology and audit the information that is the lifeblood of modern business.

Reflects the Latest Technological Advances

Updated and revised, this third edition of Information Technology Control and Audit continues to present a comprehensive overview for IT professionals and auditors. Aligned to the CobiT control objectives, it provides a fundamental understanding of IT governance, controls, auditing applications, systems development, and operations. Demonstrating why controls and audits are critical, and defining advances in technology designed to support them, this volume meets the increasing need for audit and control professionals to understand information technology and the controls required to manage this key resource.

A Powerful Primer for the CISA and CGEIT Exams

Supporting and analyzing the CobiT model, this text prepares IT professionals for the CISA and CGEIT exams. With summary sections, exercises, review questions, and references for further readings, it promotes the mastery of the concepts and practical implementation of controls needed to effectively manage information technology resources.

New in the Third Edition:

* Reorganized and expanded to align to the CobiT objectives
* Supports study for both the CISA and CGEIT exams
* Includes chapters on IT financial and sourcing management
* Adds a section on Delivery and Support control objectives
* Includes additional content on audit and control of outsourcing, change management, risk management, and compliance