Building an Effective Security Program provides readers with a
comprehensive approach to securing the IT systems in use at their
organizations. This book provides information on how to structure and
operate an effective cybersecurity program that includes people,
processes, technologies, security awareness, and training. This program
will establish and maintain effective security protections for the
confidentiality, availability, and integrity of organization
information. In this book, the authors take a pragmatic approach to
building organization cyberdefenses that are effective while also
remaining affordable.
This book is intended for business leaders, IT professionals,
cybersecurity personnel, educators, and students interested in deploying
real-world cyberdefenses against today's persistent and sometimes
devastating cyberattacks. It includes detailed explanation of the
following IT security topics:
- IT Security Mindset--Think like an IT security professional, and
consider how your IT environment can be defended against potential
cyberattacks.
- Risk Management--Identify the assets, vulnerabilities and threats
that drive IT risk, along with the controls that can be used to
mitigate such risk.
- Effective Cyberdefense--Consider the components of an effective
organization cyberdefense to successfully protect computers, devices,
networks, accounts, applications and data.
- Cyber Operations--Operate cyberdefense capabilities and controls
so that assets are protected, and intruders can be detected and
repelled before significant damage can be done.
- IT Security Awareness and Training--Promote effective
cybersecurity practices at work, on travel, and at home, among your
organization's business leaders, IT professionals, and staff.
- Resilient IT Security--Implement, operate, monitor, assess, and
improve your cybersecurity program on an ongoing basis to defend
against the cyber threats of today and the future.
