Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek

• Filed under: Recommended

Book Description
Provides guidance on measuring the costs, successes and failures of asset protection and security programs

Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professional’s position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc.
Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program.

- Over 100 checklists, flowcharts, and other illustrations depict examples of security metrics and how to use them
- Drawings, model processes, model procedures and forms enable the reader to immediately put concepts to use in a practical application
- Provides clear direction on how to meet new business demands on the Security Professional

Order Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek form Amazon.

Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek

• Filed under: Recommended

Book Description
Provides guidance on measuring the costs, successes and failures of asset protection and security programs

Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professional’s position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc.
Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program.

- Over 100 checklists, flowcharts, and other illustrations depict examples of security metrics and how to use them
- Drawings, model processes, model procedures and forms enable the reader to immediately put concepts to use in a practical application
- Provides clear direction on how to meet new business demands on the Security Professional

order Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek form Amazon.

Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek

• Filed under: Recommended

Editorial Reviews

Book Description
Provides guidance on measuring the costs, successes and failures of asset protection and security programs

Product Description
Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professional’s position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc.
Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program.

- Over 100 checklists, flowcharts, and other illustrations depict examples of security metrics and how to use them
- Drawings, model processes, model procedures and forms enable the reader to immediately put concepts to use in a practical application
- Provides clear direction on how to meet new business demands on the Security Professional

$Order Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek From Amazon and save money$

Security Metrics Management: How to Manage the Costs of an Assets Protection Program: Gerald L. Kovacich, Edward Halibozek

• Filed under: Recommended

Editorial Reviews

Book Description
Provides guidance on measuring the costs, successes and failures of asset protection and security programs

Product Description
Security metrics is the application of quantitative, statistical, and/or mathematical analyses to measuring security functional trends and workload. In other words, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. Security metrics management is the managing of an assets protection program and related security functions through the use of metrics. It can be used where managerial tasks must be supported for such purposes as supporting the security professional’s position on budget matters, justifying the cost-effectiveness of decisions, determining the impact of downsizing on service and support to customers, etc.
Security Metrics Management is designed to provide basic guidance to security professionals so that they can measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, justify budget and use trend analyses to develop a more efficient and effective assets protection program.

- Over 100 checklists, flowcharts, and other illustrations depict examples of security metrics and how to use them
- Drawings, model processes, model procedures and forms enable the reader to immediately put concepts to use in a practical application
- Provides clear direction on how to meet new business demands on the Security Professional

$Order From Amazon and save money$

Security Engineering: A Guide to Building Dependable Distributed Systems: Ross J. Anderson

• Filed under: Recommended

Editorial Reviews

Amazon.com
Gigantically comprehensive and carefully researched, Security Engineering makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice. Better, Ross Anderson offers a lot of thoughts on how information can be made more secure (though probably not absolutely secure, at least not forever) with the help of both technologies and management strategies. His work makes fascinating reading and will no doubt inspire considerable doubt–fear is probably a better choice of words–in anyone with information to gather, protect, or make decisions about.

Be aware: This is absolutely not a book solely about computers, with yet another explanation of Alice and Bob and how they exchange public keys in order to exchange messages in secret. Anderson explores, for example, the ingenious ways in which European truck drivers defeat their vehicles’ speed-logging equipment. In another section, he shows how the end of the cold war brought on a decline in defenses against radio-frequency monitoring (radio frequencies can be used to determine, at a distance, what’s going on in systems–bank teller machines, say), and how similar technology can be used to reverse-engineer the calculations that go on inside smart cards. In almost 600 pages of riveting detail, Anderson warns us not to be seduced by the latest defensive technologies, never to underestimate human ingenuity, and always use common sense in defending valuables. A terrific read for security professionals and general readers alike. –David Wall

Topics covered: How some people go about protecting valuable things (particularly, but not exclusively, information) and how other people go about getting it anyway. Mostly, this takes the form of essays (about, for example, how the U.S. Air Force keeps its nukes out of the wrong hands) and stories (one of which tells of an art thief who defeated the latest technology by hiding in a closet). Sections deal with technologies, policies, psychology, and legal matters.
–This text refers to the

Paperback
edition.

Review
“While many of the chapter topics may sound unexciting, Anderson has a wonderful writing style and at times reads almost like a Tom Clancy thriller with its details of military command and control systems and other similar topics. Anyone responsible for information security should read Security Engineering.” (UnixReview.com, July 2001)

“an eminently readable yet comprehensive book” (Network News, 12 September 2001)
–This text refers to the

Paperback
edition.

See all Editorial Reviews

See all Editorial Reviews&order

Information Security Architecture: An Integrated Approach to Security in the Organization: Jan Killmeyer Tudor

• Filed under: Recommended

Editorial Reviews

Product Description

An effective security plan reflects the importance of every component within the Information Security Architecture (ISA). This book describes these components in detail and outlines the steps necessary to establish and effective ISA. Information Security Architecture also provides step-by-step guidance to the analysis, development, and implementation of a logical and effective program that emphasizes the security objectives of the organization. With this book, C-level executives will enhance their awareness of the many considerations in implementing and maintaining a secure information and processing environment. It offers the blueprint for the integrity, confidentiality, and availability of information assets and computing resources.

Book Info
(Aurbach) Provides readers with an understanding of information security architecture for organizations, with detailed discussion of policies and procedures, security baselines of systems components, security awareness training and compliance, and the overall implementation of a security plan. DLC: Computer security.

See all Editorial Reviews&order

Fighting Computer Crime: A New Framework for Protecting Information: Donn B. Parker

• Filed under: Recommended

Editorial Reviews

Product Description
Who are the cybercriminals and what can we do to stop them? From the #1 cybercrime expert, a revolutionary new approach to . Fighting Computer Crime A top computer crime expert explains why current computer security methods fall dangerously short of the mark and what we can do to fix them. Based on his 30 years as a cybercrime fighter, during which he interviewed more than 200 perpetrators and their victims, Donn B. Parker provides valuable technical insight about the means cybercriminals employ, as well as penetrating psychological insights into their criminal behavior and motivations. Using many riveting real-life crime stories to illustrate his points, he reveals:
* Who your greatest security threats really are (be prepared for some surprises!)
* Why employees undergoing divorce can be your organization’s greatest computer security risk
* How to overcome cyberterrorists who will employ any high-tech or low-tech means necessary to crash your systems.
* Effective countermeasures for each threat covered in the book
* How to neutralize even the most powerful cybercrime scheme attempts
* Why and how the incorrect, incomplete, inarticulate security folk art must be revitalized

The publisher, John Wiley & Sons
Leading computer crime-prevention expert Donn Parker argues in this compelling and often alarming book that current approaches to preventing computer crime are dangerously simplistic and are not working. Focusing too much on protecting the privacy of information, these approaches fail to address other dangerous threats to businesses. Current security measures are only designed to protect against the loss of privacy. Parker presents a valuable new framework for understanding a greatly expanded list of criminal threats, describing proven countermeasures and discussing actual crime cases. Boldly critiquing many prominent business and government figures for failing to establish effective prevention tactics, this book pulls no punches in its drive to improve virtual security.

See all Editorial Reviews

See all Editorial Reviews&order

Security Architecture: Design, Deployment and Operations: Christopher King, Ertem Osmanoglu, Curtis Dalton

• Filed under: Recommended

Editorial Reviews

Book Description
New from the official RSA Press, this expert resource explains how to design and deploy security successfully across your enterprise–and keep unauthorized users out of your network. You’ll get full coverage of VPNs and intrusion detection systems, plus real-world case studies.

Book Info
Shows administrators how to implement platform network security using a step-by-step methodology. Teaches security technologies and demonstrates their applications in real-life scenarios. Also evaluates the pros and cons of intrusion detection systems, VPNs, firewalls, and other security measures. Softcover.

See all Editorial Reviews

See all Editorial Reviews&order

Schneier on Security: Bruce Schneier

• Filed under: Recommended

Editorial Reviews

Product Description
Presenting invaluable advice from the world’s most famous computer security expert, thiss intensely readable collection features some of the most insightful and informative strengths and weaknesses of computer security and the price people pay—figuratively and literally—when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level—business, technical, or personal.

From the Inside Flap

You take off your shoes in the airport. You scan the supermarket’s “preferred customer” card to get the sale price. You claw your way through tamper-resistant packaging for a couple of aspirin. You accept all these inconveniences in the name of security.

But are you any safer?

Bruce Schneier, arguably the world’s foremost authority on computer security, has explored security issues ranging from protecting your password to illegal wiretapping. This collection of Schneier’s best op-ed pieces, columns, and blog posts goes beyond technology, offering his insight into everything from the risk of identity theft (vastly overrated) to the long-range security threat of unchecked presidential power and the surprisingly simple way to tamper-proof elections. You’ll discover:

• Why data mining will never protect us from terrorists

• How your stone-age brain affects what you fear and what security measures you accept

• Why computer security is fundamentally an economic problem

• Whether you can really trust a Trusted Traveler

• If sacrificing your privacy has made you more secure

• Why refusing driver’s licenses to illegal immigrants actually reduces security

• The industry power struggle over controlling your computer

• Why we overestimate some risks and underestimate others

• Why national ID cards won’t make us safer, only poorer

• . . . and much more

This book will challenge your illusions of security at every level. Think it’s okay to give up your privacy if you’re doing nothing wrong? What happens when “wrong” gets redefined? How much power over your personal life are you willing to concede to the person you least want to see as president? What’s the acceptable trade-off between security and convenience?

In this ruthless, comprehensive, and thought-provoking analysis, Schneier shows us what we should be worrying about and how to get our national fingers off the panic button.

See all Editorial Reviews

See all Editorial Reviews&order