Create appropriate, security-focused business propositions that consider the balance between
cost, risk, and usability, while starting your journey to become an information security
manager. Covering a wealth of information that explains exactly how the industry works today,
this book focuses on how you can set up an effective information security practice, hire the
right people, and strike the best balance between security controls, costs, and risks.

Practical Information Security Management provides a wealth of practical advice for anyone
responsible for information security management in the workplace, focusing on the 'how' rather
than the 'what'. Together we'll cut through the policies, regulations, and standards to expose
the real inner workings of what makes a security management program effective, covering the
full gamut of subject matter pertaining to security management: organizational structures,
security architectures, technical controls, governance frameworks, and operational security.

This book was not written to help you pass your CISSP, CISM, or CISMP or become a PCI-DSS
auditor. It won't help you build an ISO 27001 or COBIT-compliant security management system,
and it won't help you become an ethical hacker or digital forensics investigator - there are
many excellent books on the market that cover these subjects in detail. Instead, this is a
practical book that offers years of real-world experience in helping you focus on getting
the job done.

What You Will Learn

Learn the practical aspects of being an effective information security manager
Strike the right balance between cost and risk
Take security policies and standards and make them work in reality
Leverage complex security functions, such as Digital Forensics, Incident Response and Security Architecture

Who This Book Is For

Practical Security Management has something to offer you.