The Cybersecurity Manager's Guide: The Art of Building Your Security Program

Barnum, Todd

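  • Publisher: O'Reilly
  • Publication date: 2021-04-27
  • List price: $1,575
  • Sale price: $1,260 (80% of list price)
  • Language: English
  • Pages: 178
  • Binding: Quality Paper - also called trade paper
  • ISBN: 149207621X
  • ISBN-13: 9781492076216
  • Related category: Information Security
  • Ships immediately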

Product description

If you're a leader in cybersecurity, then you know it often seems like no one cares about--or understands--information security. Infosec professionals struggle to integrate security into their companies. Most are under-resourced. Most are at odds with their organizations. There must be a better way. This essential manager's guide offers a new approach to building and maintaining an information security program that's both effective and easy to follow.

Author and longtime infosec leader Todd Barnum upends the assumptions security professionals take for granted. CISOs, CSOs, CIOs, and IT security professionals will learn a simple seven-step process that will help them build a new program or improve their current program.

  • Build better relationships with IT and other teams within your organization
  • Align your role with your company's values, culture, and tolerance for information loss
  • Lay the groundwork for your security program
  • Create a communications program to share your team's contributions and educate your coworkers
  • Transition security functions and responsibilities to other teams
  • Organize and build an effective infosec team
  • Measure your progress with two key metrics: your staff's ability to recognize and report security policy violations and phishing emails

About the author

Todd Barnum is the current CISO of GoPro, where he works with world-class engineers to design, build and secure GoPro cameras, mobile apps, video editing software, cloud systems, and drone products. Although GoPro is known for manufacturing the world's best action camera, the company also develops multiple software applications enhancing the use of its camera and drone products. The company has 20 offices worldwide, and is thought to be one of the world's largest "cloud only" companies.

Prior to coming to GoPro, Barnum was VP and Chief Information Security Officer at Warner Bros. Entertainment. He has also served as CISO of Amgen and as VP of the InfoSec consulting practice at Forrester. He has a degree from Stanford Law School and a Master of Science in Telecommunications and Computer Systems.
