Building an Effective Security Program

This book is intended for business leaders, IT professionals, cybersecurity personnel, educators, and students interested in deploying real-world cyberdefenses against today’s persistent and sometimes devastating cyberattacks. It includes detailed explanation of the following IT security topics:

• IT Security Mindset—Think like an IT security professional, and consider how your IT environment can be defended against potential cyberattacks.
• Risk Management—Identify the assets, vulnerabilities and threats that drive IT risk, along with the controls that can be used to mitigate such risk.
• Effective Cyberdefense—Consider the components of an effective organization cyberdefense to successfully protect computers, devices, networks, accounts, applications and data.
• Cyber Operations—Operate cyberdefense capabilities and controls so that assets are protected, and intruders can be detected and repelled before significant damage can be done.
• IT Security Awareness and Training—Promote effective cybersecurity practices at work, on travel, and at home, among your organization’s business leaders, IT professionals, and staff.
• Resilient IT Security—Implement, operate, monitor, assess, and improve your cybersecurity program on an ongoing basis to defend against the cyber threats of today and the future.