Supplying a high-level overview of how to protect your company’s physical and intangible assets, Asset Protection through Security Awareness explains the best ways to enlist the assistance of your employees as the first line of defense in safeguarding company assets and mitigating security risks. The author reviews key topics surrounding computer security—including privacy, access controls, and risk management—to help fill the gaps that might exist between management and the technicians securing your network systems.
In an accessible style that requires no previous networking or programming experience, the book delivers a practical approach to asset protection. It specifies the roles of managers and employees in creating a company-wide culture of security awareness and provides step-by-step instruction on how to build an effective security awareness team. Each chapter examines a separate security issue and provides a brief overview of how to address that issue. It includes tools and checklists to help you address:
- Visual, digital, and auditory data security
- Credit card compliance (PCI), password management, and social engineering
- User authentication methods
- Computer and network forensics
- Physical security and continuity planning
- Privacy concerns and privacy-related regulation
This concise security management primer facilitates the up-to-date understanding required to protect your digital and physical assets, including customer data, networking equipment, and employee information. Providing you with powerful tools of diplomacy, this text will help you win the support of your employees and empower them to be effective gatekeepers of your company’s most valued assets and trade secrets.
Table of Contents
Introduction: What Is Information Security? Creating a Culture of Security Awareness. Overview of Security Awareness Categories. Who Is an IS Professional? Diplomacy. Privacy Concerns. Interdepartmental Security. Risk Management. Social Engineering. Incident Detection and Response. Physical Security. PCI Compliance. Business Continuity Planning. User Authentication Methods. Computer and Network Forensics. Malware. Crafting a Security Policy. Performing Security Analyses and Audits. Access Control. Security Checklists. Index.
Tyler Speed is the Executive Vice President of Electronics International in Bend, Oregon and has a Masters Degree in Information Assurance from the NSA-certified Norwich University in Northfield, Vermont. As a corporate leader in aviation, not only does Tyler deal with governmental regulations and compliance issues from the FAA, but he must also temper customer service and sales needs with a solid foundation in security and training in order to protect sales records, customer information, trade secrets and proprietary information. Tyler has been tinkering with computers and networks since the days of Bulletin Board Services, and understands the need for a common sense approach to corporate security awareness and training. At the time of this publication, Tyler is studying to obtain his Certified Information Systems Seucrity Professional (CISSP) certification.