Previous information security references do not address the gulf between general security awareness and the specific technical steps that need to be taken to protect information assets. Surviving Security: How to Integrate People, Process, and Technology, Second Edition fills this void by explaining security through a holistic approach that considers both the overall security infrastructure and the roles of each individual component. This book provides a blueprint for creating and executing sound security policy. The author examines the costs and complications involved, covering security measures such as encryption, authentication, firewalls, intrusion detection, remote access, host security, server security, and more. After reading this book, you will know how to make educated security decisions that provide airtight, reliable solutions.
About the Author
Amanda Andress, CISSP, SSCP, CPA, CISA is Founder and President of ArcSec Technologies, a firm which focuses on security product reviews and consulting. Prior to that she was Director of Security for Privada, Inc., a privacy company in San Jose, California. She built extensive security auditing and IS control experience working at Exxon and Big 5 firms Deloitte & Touche and Ernst & Young. She has been published in NetworkWorld, InfoWorld, Information Security Magazine, and others, and is a frequent presenter at industry events such as N+I and Black Hat.
Table of Contents
Why Do I Need Security? Understanding Requirements and Risk. Security Policies and Procedures. Cryptography and Encryption. Authentication. Network Architecture and Physical Security. Firewalls and Perimeter Security. Network Management and Device Security. Wireless Network Security. Intrusion Detection. Remote Access. Host Security. Server Security. Client Security. Application Development. Security Maintenance and Monitoring. Vulnerability Testing. Security Audits. Incident Response. Integrating People, Process, and Technology. Trends to Watch.