Policies and Practices for Implementing Information Security Strategies in Organizations
Seiten
2022
Business Science Reference (Verlag)
9781799881735 (ISBN)
Business Science Reference (Verlag)
9781799881735 (ISBN)
Presents a definition of information security strategy, an explanation of the various generic information security strategies available to organisations to choose from, and a process for how to select an information security strategy.
Information security has become a key issue for organizations as they increase reliance on information whilst the severity and frequency of attacks increase globally. Of concern to organizations, clean-up costs from information security attacks total hundreds of billions of dollars per annum globally. Given the significance of these impacts, governments around the world are increasingly looking to pass legislation and impose significant penalties on organizational leaders to hold them accountable for securing their organization's information. These factors mean that governing bodies should set an information security strategy to guide their organization's security efforts.
This book contains a definition of information security strategy, an explanation of the various generic information security strategies available to organizations to choose from, and a process for how to select an information security strategy. To then implement the information security strategy, an information security strategic plan should be set by the executive management. Progress on the information security strategic plan should be communicated with the governing body regularly so that they can monitor the effectiveness of information security management activities. Successful implementation of an information security strategy can have a direct impact on an organization's public reputation, exposure to litigation, customer trust, confidentiality, integrity and availability of information, probable loss mitigation, performance reporting, and competitive advantage protection.
The objective of this book is to give readers a how-to guide for understanding and then setting a strategy to secure information so that information can then be used as a resource in the pursuit of organizational goals, including achieving vision and mission.
Benefits include understanding how to actively change the value of information to increase organizational security, which is novel, almost counter-intuitive. As well, this book grants an explanation of why organizations should engage in outsourcing, not to gain access to skillsets or reduce cost, but to increase security. Significantly, it is novel to offer strategic-level decision-makers options to protect organizational information as decisions about security have typically been left to executives and management.
Information security has become a key issue for organizations as they increase reliance on information whilst the severity and frequency of attacks increase globally. Of concern to organizations, clean-up costs from information security attacks total hundreds of billions of dollars per annum globally. Given the significance of these impacts, governments around the world are increasingly looking to pass legislation and impose significant penalties on organizational leaders to hold them accountable for securing their organization's information. These factors mean that governing bodies should set an information security strategy to guide their organization's security efforts.
This book contains a definition of information security strategy, an explanation of the various generic information security strategies available to organizations to choose from, and a process for how to select an information security strategy. To then implement the information security strategy, an information security strategic plan should be set by the executive management. Progress on the information security strategic plan should be communicated with the governing body regularly so that they can monitor the effectiveness of information security management activities. Successful implementation of an information security strategy can have a direct impact on an organization's public reputation, exposure to litigation, customer trust, confidentiality, integrity and availability of information, probable loss mitigation, performance reporting, and competitive advantage protection.
The objective of this book is to give readers a how-to guide for understanding and then setting a strategy to secure information so that information can then be used as a resource in the pursuit of organizational goals, including achieving vision and mission.
Benefits include understanding how to actively change the value of information to increase organizational security, which is novel, almost counter-intuitive. As well, this book grants an explanation of why organizations should engage in outsourcing, not to gain access to skillsets or reduce cost, but to increase security. Significantly, it is novel to offer strategic-level decision-makers options to protect organizational information as decisions about security have typically been left to executives and management.
Craig A. Horne, The University of Melbourne, Australia
| Erscheinungsdatum | 01.12.2021 |
|---|---|
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-13 | 9781799881735 / 9781799881735 |
| Zustand | Neuware |
| Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
| Haben Sie eine Frage zum Produkt? |
Mehr entdecken
aus dem Bereich
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …
Buch | Softcover (2022)
Springer Vieweg (Verlag)
CHF 53,15
Lehrbuch für Prüfung und Praxis
Buch | Softcover (2023)
Springer Fachmedien Wiesbaden GmbH (Verlag)
CHF 27,95
Management der Informationssicherheit und Vorbereitung auf die …
Buch (2024)
Carl Hanser (Verlag)
CHF 97,95
