
Managing Risk and Information Security: Protect to Enable

Examine the evolving enterprise security landscape and discover how to manage and survive risk. While based primarily on the author’s experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies and provides guidance for a management-level audience.

Managing Risk and Information Security provides thought leadership in the increasingly important area of enterprise information risk and security. It describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology, not only for internal operations but increasingly as a part of product or service creation, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk.

This edition discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities and offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies―such as social media and the huge proliferation of Internet-enabled devices―while minimizing risk.

What You'll Learn

Who This Book Is For

The primary audience is CIOs and other IT leaders, CISOs and other information security leaders, IT auditors, and other leaders of corporate governance and risk functions. The secondary audience is CEOs, board members, privacy professionals, and less senior-level information security and risk professionals.

"Harkins’ logical, methodical approach as a CISO to solving the most complex cybersecurity problems is reflected in the lucid style of this book. His enlightened approach to intelligence-based security infrastructure and risk mitigation is our best path forward if we are ever to realize the vast potential of the innovative digital world we are creating while reducing the threats to manageable levels. The author shines a light on that path in a comprehensive yet very readable way." ―Art Coviello, Former CEO and Executive Chairman, RSA

214 pages, Paperback

First published December 12, 2012


About the author

Malcolm Harkins

7 books, 1 follower

Ratings & Reviews


Community Reviews

5 stars: 24 (22%)
4 stars: 33 (30%)
3 stars: 34 (31%)
2 stars: 11 (10%)
1 star: 7 (6%)
Displaying 1 - 3 of 3 reviews
Lynda
174 reviews
April 26, 2015
Articulately written and flows well. Most of the recommendations and suggestions the author offers in the book are straightforward and should be practiced by every security professional, or the security professional will find that after reading the book they have already been following most of the author's advice and the book would serve to validate much of what they've been practicing all along. Practical, sound and easy-to-implement advice is always welcome in a day and age when 'sounding complex' to make one look smarter is all too common.
Sam Motes
941 reviews, 34 followers
December 30, 2014
Tells the evolving security stance of a leading tech company through the eyes of their CISO from locked down command and control to their current stance of protect to enable. With this stance they embrace new technology to give their employees what they want while still protecting corporate assets.