Building a Comprehensive IT Security Program: Practical Guidelines and Best Practices
暫譯: 建立全面的資訊安全計畫：實用指導方針與最佳實務

This book explains the ongoing war between private business and cyber criminals, state-sponsored attackers, terrorists, and hacktivist groups. Further, it explores the risks posed by trusted employees that put critical information at risk through malice, negligence, or simply making a mistake. It clarifies the historical context of the current situation as it relates to cybersecurity, the challenges facing private business, and the fundamental changes organizations can make to better protect themselves. The problems we face are difficult, but they are not hopeless.

Cybercrime continues to grow at an astounding rate. With constant coverage of cyber-attacks in the media, there is no shortage of awareness of increasing threats. Budgets have increased and executives are implementing stronger defenses. Nonetheless, breaches continue to increase in frequency and scope.

Building a Comprehensive IT Security Program shares why organizations continue to fail to secure their critical information assets and explains the internal and external adversaries facing organizations today. This book supplies the necessary knowledge and skills to protect organizations better in the future by implementing a comprehensive approach to security.

Jeremy Wittkop’s security expertise and critical experience provides insights into topics such as:

• Who is attempting to steal information and why?
• What are critical information assets?
• How are effective programs built?
• How is stolen information capitalized?
• How do we shift the paradigm to better protect our organizations?
• How we can make the cyber world safer for everyone to do business?