The goal of Security Risk Management is to teach you practical techniques that will be used on a daily basis, while also explaining the fundamentals so you understand the rationale behind these practices. Security professionals often fall into the trap of telling the business that they need to fix something, but they canat explain why. This book will help you to break free from the so-called qbest practicesq argument by articulating risk exposures in business terms. You will learn techniques for how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive guide for managing security risks. Named a 2011 Best Governance and ISMS Book by InfoSec Reviews Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk Presents a roadmap for designing and implementing a security risk management programA good example of this is in the wireless space: WPA2 protection (replacing the weaker WEP and WPA options) is now an ... ability to detect and remove malware , and detection needs to be automated even if the removal is manual. ac Establish anbsp;...
|Title||:||Security Risk Management|
|Publisher||:||Elsevier - 2011-04-20|