Risk Management for Computer Security,
Edition 1 Protecting Your Network and Information Assets
By Andy Jones and Debi Ashenden

Publication Date: 15 Mar 2005
0 reviews
Digital copy not yet available
Description

Risk Management for Computer Security provides IT professionals with an integrated plan to establish and implement a corporate risk assessment and management program. The book covers more than just the fundamental elements that make up a good risk program for computer security. It presents an integrated how-to approach to implementing a corporate program, complete with tested methods and processes, flowcharts, and checklists that can be used by the reader and immediately implemented into a computer and overall corporate security program. The challenges are many and this book will help professionals in meeting their challenges as we progress through the twenty-first century.

This book is organized into five sections. Section I introduces the reader to the theories of risk management and describes the field's changing environment as well as the art of managing risks. Section II deals with threat assessment and its input to risk assessment; topics covered include the threat assessment method and an example of threat assessment. Section III focuses on operating system vulnerabilities and discusses application vulnerabilities; public domain vs. COTS; and connectivity and dependence. Section IV explains what risk assessment is and Section V explores qualitative vs. quantitative tools and types of risk assessment and concludes with an assessment of the future of risk management.

Corporate security professionals around the world will find this book a highly valuable source of information.

Key Features

  • Presents material in an engaging, easy-to-follow manner that will appeal to both advanced INFOSEC career professionals and network administrators entering the information security profession
  • Addresses the needs of both the individuals who are new to the subject as well as of experienced professionals
  • Provides insight into the factors that need to be considered and fully explains the numerous methods, processes and procedures of risk management

About the author
By Andy Jones, A Research Group Leader at the Security Research Centre for British Telecommunications where he is conducting research into the security of information and communication systems. and Debi Ashenden, Senior Research Fellow in Information Assurance at the Royal Military College of Science, Cranfield University, UK
Table of Contents
Section I: An Introduction to Risk Management: Introduction to the Theories of Risk Management; The Changing Environment; The Art of Managing Risks; Section II: The Threat Assessment Process: Threat Assessment and its Input to Risk Assessment; Threat Assessment Method; Example Threat Assessment; Section III: Vulnerability Issues: Operating System Vulnerabilities; Application Vulnerabilities; Public Domain or Commercial Off-the-Shelf Software?; Connectivity and Dependence; Section IV: The Risk Process: What is Risk Assessment?; Risk Analysis; Who is Responsible?; Section V: Tools and Types of Risk Assessment: Qualitative and Quantitative Rrisk Assessment; Policies, Procedures, Plans, and Processes of Risk Management; Tools and Techniques; Integrated Risk Management; Section VI: Future Directions: The Future of the Risk Management
Book details
ISBN: 9780750677950
Page Count: 296
Retail Price : £38.99
Audience
Corporate security professionals around the world
Related Titles
New
Introduction to Emergency Management
Introduction to Emergency Management

Haddow, Bullock & Coppola

Security Operations Management
Security Operations Management

McCrie & Lee

New Edition
Introduction to Emergency Management
Introduction to Emergency Management

Bullock, Haddow & Coppola

Effective Security Management
Effective Security Management

Sennewald & Baillie

The Professional Protection Officer
The Professional Protection Officer

Davies & Fennelly

Security and Loss Prevention
Security and Loss Prevention

Purpura

The Law of Emergencies
The Law of Emergencies

Hunter

Cybercrime and Business
Cybercrime and Business

Moskowitz

Homeland Security
Homeland Security

Haddow, Bullock & Coppola

Practical Airport Operations, Safety, and Emergency Management
Practical Airport Operations, Safety, and Emergency Management

Price & Forrest

Biosecurity and Bioterrorism
Biosecurity and Bioterrorism

Ryan

Enterprise Risk Management
Enterprise Risk Management

Green

Effective Security Management
Effective Security Management

Sennewald & Baillie

Security Supervision and Management
Security Supervision and Management

IFPO

Keeping Religious Institutions Secure
Keeping Religious Institutions Secure

McLamb

Hospital and Healthcare Security
Hospital and Healthcare Security

York & MacAlister

Protecting Transportation
Protecting Transportation

Johnstone

Disaster Theory
Disaster Theory

Etkin & Burton

Introduction to Information Security
Introduction to Information Security

Shimeall & Spring

Introduction to Security
Introduction to Security

Fischer, Halibozek & Walters

Cyber Attacks
Cyber Attacks

Amoroso

Contemporary Security Management
Contemporary Security Management

Fay

Network and System Security
Network and System Security

Vacca

Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit
Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit

Varsalone

The IT / Digital Legal Companion
The IT / Digital Legal Companion

Landy & Mastrobattista

The Real MCTS/MCITP Exam 70-620 Prep Kit
The Real MCTS/MCITP Exam 70-620 Prep Kit

Piltzecker

Controlling The World with Your PC
Controlling The World with Your PC

Bergsman