Mind the Tech Gap: Addressing the Conflicts between IT and Security Teams
暫譯: 注意技術差距：解決IT與安全團隊之間的衝突

Name: Mind the Tech Gap: Addressing the Conflicts between IT and Security Teams
Price: 4180 TWD
Availability: OnlineOnly
Author: Robinson, Nikki
ISBN: 1032206160

Robinson, Nikki

出版商: CRC
出版日期: 2022-10-05
售價: $4,400
貴賓價: 9.5 折 $4,180
語言: 英文
頁數: 198
裝訂: Hardcover - also called cloth, retail trade, or trade
ISBN: 1032206160
ISBN-13: 9781032206165
相關分類: 資訊安全

海外代購書籍(需單獨結帳)

商品描述

IT and cybersecurity teams have had a long-standing battle between functionality and security. But why? To understand where the problem lies, this book will explore the different job functions, goals, relationships, and other factors that may impact how IT and cybersecurity teams interact. With different levels of budget, competing goals, and a history of lack of communication, there is a lot of work to do to bring these teams together. Empathy and emotional intelligence are common phenomena discussed in leadership books, so why not at the practitioner level? Technical teams are constantly juggling projects, engineering tasks, risk management activities, security configurations, remediating audit findings, and the list goes on. Understanding how psychology and human factors engineering practices can improve both IT and cybersecurity teams can positively impact those relationships, as well as strengthen both functionality and security. There is no reason to have these teams at odds or competing for their own team's mission; align the missions, and align the teams. The goal is to identify the problems in your own team or organization and apply the principles within to improve how teams communicate, collaborate, and compromise. Each organization will have its own unique challenges but following the question guide will help to identify other technical gaps horizontally or vertically.

商品描述(中文翻譯)

IT 和網路安全團隊之間長期以來一直存在功能性與安全性之間的鬥爭。但這是為什麼呢？為了理解問題所在，本書將探討不同的工作職能、目標、關係及其他可能影響 IT 和網路安全團隊互動的因素。由於預算水平不同、目標相互競爭以及缺乏溝通的歷史，這些團隊之間需要做很多工作來促進合作。共情和情緒智力是領導力書籍中常討論的現象，那麼為什麼在實務層面上不討論呢？技術團隊不斷在專案、工程任務、風險管理活動、安全配置、修正審計發現等之間周旋，還有更多的任務。理解心理學和人因工程實踐如何改善 IT 和網路安全團隊的運作，可以正面影響這些關係，並加強功能性與安全性。沒有理由讓這些團隊互相對立或為各自的任務競爭；應該對齊任務，並對齊團隊。目標是識別自己團隊或組織中的問題，並應用其中的原則來改善團隊的溝通、協作和妥協。每個組織都會面臨獨特的挑戰，但遵循問題指導將有助於識別其他技術上的縱向或橫向差距。

作者簡介

Nikki Robinson earned a DSc in Cybersecurity, several industry certifications including CISSP, and is a Security Architect by day, and an Adjunct Professor at night. She had more than 10 years of experience in IT operations before moving into the security field about 3 years ago. She has been studying vulnerability chaining concepts and is working on a PhD in Human Factors to combine psychological and technical aspects to improve security programs. Expected completion for the second Doctorate is December 2021. She has a passion for teaching and mentoring others on risk management, network defense strategies, and DFIR. She is currently a Security Architect at IBM and has technical experience in continuous monitoring, risk management, digital forensics, and incident response. She has spoken at several conferences on a variety of topics from human factors security engineering, malicious website graphing, and DevSecOps.

作者簡介(中文翻譯)

尼基·羅賓森（Nikki Robinson）獲得了網路安全（Cybersecurity）博士學位（DSc），並擁有多項行業認證，包括CISSP。她白天是一名安全架構師（Security Architect），晚上則擔任兼任教授（Adjunct Professor）。在約三年前轉入安全領域之前，她在IT運營方面擁有超過10年的經驗。她一直在研究漏洞鏈接（vulnerability chaining）概念，並正在攻讀人因學（Human Factors）博士學位，以結合心理學和技術方面的知識來改善安全計劃。第二個博士學位預計於2021年12月完成。她熱衷於教授和指導他人有關風險管理（risk management）、網路防禦策略（network defense strategies）和數位取證（DFIR）。她目前是IBM的安全架構師，並在持續監控（continuous monitoring）、風險管理、數位取證和事件響應（incident response）方面擁有技術經驗。她曾在多個會議上發表演講，主題涵蓋人因安全工程（human factors security engineering）、惡意網站圖譜（malicious website graphing）和DevSecOps等多個領域。