Responsive Security: Be Ready to Be Secure, 1st Edition (Paperback) book cover

Responsive Security

Be Ready to Be Secure, 1st Edition

By Meng-Chow Kang

CRC Press

259 pages | 33 B/W Illus.

Purchasing Options:$ = USD
Paperback: 9781466584303
pub: 2013-10-18
SAVE ~$15.19
$75.95
$60.76
x
Hardback: 9781138436855
pub: 2017-06-28
SAVE ~$41.00
$205.00
$164.00
x
eBook (VitalSource) : 9781315145907
pub: 2017-09-08
from $36.48


FREE Standard Shipping!

Description

Responsive Security: Be Ready to Be Secure explores the challenges, issues, and dilemmas of managing information security risk, and introduces an approach for addressing concerns from both a practitioner and organizational management standpoint. Utilizing a research study generated from nearly a decade of action research and real-time experience, this book introduces the issues and dilemmas that fueled the study, discusses its key findings, and provides practical methods for managing information security risks. It presents the principles and methods of the responsive security approach, developed from the findings of the study, and details the research that led to the development of the approach.

  • Demonstrates the viability and practicality of the approach in today’s information security risk environment
  • Demystifies information security risk management in practice, and reveals the limitations and inadequacies of current approaches
  • Provides comprehensive coverage of the issues and challenges faced in managing information security risks today

The author reviews existing literature that synthesizes current knowledge, supports the need for, and highlights the significance of the responsive security approach. He also highlights the concepts, strategies, and programs commonly used to achieve information security in organizations.

Responsive Security: Be Ready to Be Secure examines the theories and knowledge in current literature, as well as the practices, related issues, and dilemmas experienced during the study. It discusses the reflexive analysis and interpretation involved in the final research cycles, and validates and refines the concepts, framework, and methodology of a responsive security approach for managing information security risk in a constantly changing risk environment.

Table of Contents

Introduction

Background and Motivations

Purpose

Questions

Research Methodology

Organization of Subsequent Chapters

Endnotes

Knowledge, Issues, and Dilemmas

Introduction

Information Security

Principles and Approaches

Information Security Risk Management Strategy

Information Security Program

Responding to Change

Current Research and Social Perspectives

Conclusion

Endnotes

Practice, Issues, and Dilemmas

Information Risk Management (IRM) Practices

Social–Technical Approach

Endnotes

Responsive Security

Piezoelectric Metaphor

BETA’s Approach to Emerging Risks and Attacks

Learning from Tsunami Incident

Revealing Uncertainties and Making Risks Visible

Responsive, Reactive, and Proactive Strategies

Criticality Alignment

Testing Responsive Approach at GAMMA

Learning from Antinny Worm Case Study

Refining Responsive Approach

Responsive Learning

Endnotes

Conclusions and Implications

Summary and Results

Conclusions about Each Research Question

Implications for Theory

Implications for Policy and Practice

Suggestions for Further Research

Endnotes

Appendices

References

Index

About the Author

Meng-Chow Kang, PhD, earned an MSc in information security from the Royal Holloway and Bedford New College, University of London, and completed his PhD program in information security risk management at the Southern Cross University in Australia. He co-founded the Regional Asia Information Security Exchange (RAISE) Forum (raiseforum.org) that serves as a platform for regional information sharing and contributes to international standards development in ISO and ITU-T. He has been contributing to the development and adoption of international standards relating to information security since 1998, served as the first chair for ISO/IEC JTC 1/SC 27/WG 4 on Security Controls and Services Standards development from 2006 to 2012, and his work has been recognized with numerous industry awards.

Subject Categories

BISAC Subject Codes/Headings:
BUS041000
BUSINESS & ECONOMICS / Management
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General