The frugal CISO : using innovation and smart approaches to maximize your security posture. (2014)
- Record Type:
- Book
- Title:
- The frugal CISO : using innovation and smart approaches to maximize your security posture. (2014)
- Main Title:
- The frugal CISO : using innovation and smart approaches to maximize your security posture
- Further Information:
- Note: Kerry Ann Anderson.
- Authors:
- Anderson, Kerry Ann
- Contents:
- "New Normal"; When Can We Get Back to Normal?; Frugal versus Cheap; Time, Cost, and Quality Paradox; We Are Special?; "It’s the Economy, Stupid," or Is Something Impacting Security Budgets?; Slowing of Compliance; Security Technology Fatigue; FUD Fatigue C-Level Compliancy Waiting for Perfection They Really Don’t Care about Information Security (at Least Now); What Is Normal, Anyway?; Endnotes; ; Information Security Maturity Life Cycle; Where Is My Team?; Using the Nolan Model Combined with 
Information Security-Specific Benchmarks; Why Assess Information Security Maturity Levels?; The Six Levels of Information Security Maturation; Stage 1: Initiation Stage 2: Contagion Stage 3: Control Stage 4: Integration Stage 5: Data Administration Stage 6: Maturity/Continuous Renewal; You Are Here: Determining an Organization’s Maturity Stage; Approximate Your Final Destination; Skipping Levels; Bridging the Gaps; Stumbles Happen; Spotting Maturity Landmarks of Progress; Tips for Managing the Information Security Maturation Process; Endnotes; ; Reducing Complexity; Complexity and Volume, Oh My; Actively Managing the Application Portfolio Building a Current Application Inventory; Reducing Application Complexity; Strategies for Reducing Application Complexity; Why Applications Are the Favorite "Hacker Snack"; Application Risk Rating Identification of Appropriate Information; Protection Classification for Applications Information Classification System Information Classification Scheme and Application Security Rating Application Risk Levels and Definitions Steps to Implementing Complexity Reduction; Legacy Third-Party Applications Strategies for Minimizing Risks and Costs for Vendor Applications Spell Out the Details of Required Support, Security, and Vulnerability Management in the SLA; Do Regular Information Security Assessments of Your Vendor Applications; Reducing Data Storage Steps to Reducing Stored Data; Strategies for Reducing and Managing Data; Steps to Finding the Data Electronic Information Inventory Data Discovery Solutions; The Next Steps in Reduction of Obsolete or Redundant Data; Reduce Security Solutions Complexity Paring Down Security Solutions Other Strategies to Reduce the Cost of Security Solutions; Reducing Complexity and Risks Created by "Bolt-On" Security Bolt-On Security Building in Security: Cheaper and Better Strategies for Embedding Security in Systems Use of Financial Justification; Use of Secure Development Practices as a Pilot Proof of 
Concept for Select New Technology Projects Identification of an Internal Champion for the Adoption of Secure Development Integrate Vulnerability Testing into Software Development Process; Customize the Secure Development Process to Fit the Organization; Endnotes; ; Frugal Hiring; People, Process, and Technology—In That Order; Relationship between Costs, Hiring, and Effective Team Management; Finding the Right Stuff and Right Fit; Job Descriptions or Looking for the Lord Himself (or Herself) Hiring "On the Cheap"; Developing a Hiring Strategy and Tactics for the Long Run Hiring for the Wrong Reasons; Some Tactics for Strong Hiring Learn to Spot the Candidate with that Je Ne Sais Quoi; Learn from Past Mistakes and Make a Fresh Start with Each Hiring; Get Your Team Involved Connection with Candidates on a Personal Level Avoid Ending on a Poor Note Avoiding "Halo Hiring" Cultivate and Close Your Preferred Candidates; Using Recruiters; Interviewing for Understanding and Motivation; Interview Process: Identifying the Right Candidate and Closing the Deal; Strategies for Avoiding Excessive Hiring Costs Attracting Quality Is Not Cheap Know What the Position Is before You Start Recruiting Don’t Play Bait and Switch after Hiring Use Recruiters Effectively; Consider Internal Candidates When Possible Use a Technical Interview Don’t Stretch Out the Hiring Process Too Long; Hiring the Transitioning Professional; ; Frugal Team Management; A Team Is the Sum of Its Ingredients; Security Is a Team Sport; Building or Renovating the Information Security Team A Word of Caution: Don’t Try to Clone Your Old Information Security Team Building a New Information Security Team Revamping an Existing Information Security Team Having Existing Team Reapply for Their Positions Next Steps after Restructuring of an Existing Team; Professional Development Planning; Stress and Information Security Tips for Helping Information Security Professionals Combat Burnout Tips for Employers to Combat 
Information Security Burnout; Cost of Turnover Costs of Excessive Turnover of Information Security Staff; Tips on Lowering Turnover of Information Security Employees; Retaining and Nurturing Your Information Security Team; Why Teams Fail to Meet Expectations; Inability to Gel The Fish Rots from the Head Down; Toxic Element; Vital Ingredient: Team Learning; Endnotes; ; Managing External Parties Effectively; It Takes a Global Village; Outsourcing A Framework for Cost-Effective Outsourcing Management …
- Edition:
- 1st
- Publisher Details:
- Boca Raton : Auerbach
- Publication Date:
- 2014
- Extent:
- 1 online resource, illustrations (black and white)
- Subjects:
- 658.478
- Information technology -- Security measures -- Management
- Computer security -- Management
- Languages:
- English
- ISBNs:
- 9781482220087
- Related ISBNs:
- 9781482220070
- Notes:
- Note: Includes bibliographical references and index.
- Note: Description based on CIP data; item not viewed.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.143869
- Ingest File:
- 02_086.xml