Publisher: Auerbach, 2000, 368 pages
ISBN: 0-8493-9988-2
Keywords: IT Security, Information Security
Organizations need assistance in developing and implementing a comprehensive and flexible enterprise wide information security architecture (ISA) to protect the confidentiality, integrity, and availability of their information and system resources from the growing threats to information security.
Information Security Architecture provides an understanding of the requirements for a strategic plan for security within the organization. It then details the five key components of an information security architecture — organization and infrastructure, policies and procedures, security baselines of system components, security awareness and training, and compliance — and provides step-by-step guidance on how to analyze, develop, and implement a logical and effective program that obtains the security objectives of the organization.
Information Security Architecture shows you how to combine practical and cost-effective technical solutions with sound management practices to:
This is a book that has a hard time trying to decide whether to be about information security, security organizations, security technology, policies, risk assessments, etc. Of course, that is life for anyone in the security field, but reading about life in the security field, without it being acknowledged as such, doesn't help the practitioner (as s/he already knows most of these facts) or the students/beginner (as s/he doesn't understand the finer points unless explicitly written on their noses).
There is nothing wrong with the contents, but it falls a bit short of being the integrated approach that the author claims it to be.
You can safely skip it.
Comments
There are currently no comments
New Comment