People-Centric Security: Transforming Your Enterprise Security Culture 1st Edition

Купить бумажную книгу и читать

Название:People-Centric Security: Transforming Your Enterprise Security Culture

Автор: Lance Hayden

Издательство: McGraw-Hill Education

Год: 2015

Страниц:416

Язык: English

Формат: pdf

Размер: 8,2 Mb

A Complete People-Centric Information Security Culture Toolkit

Minimize risk, protect corporate assets, and avoid catastrophic cybersecurity incidents by adopting a program philosophy that stresses the human element of security. People-Centric Security: Transforming Your Enterprise Security Culture shows, step-by-step, how to analyze and articulate your organization’s cultural security posture and migrate to a reliable, people-focused data protection model. Discover how to develop a structured implementation strategy, build behavioral models, identify problems, and transform security effectiveness. This practical guide includes downloadable templates, surveys, and metrics.

Explore the people, processes, and technologies behind successful information security culture

Analyze your security cultures and subcultures and identify conflicts and risks

Launch a security culture diagnostic project and interpret the results

Implement the Competing Security Cultures Framework

Gather data and create maps using Security Culture Diagnostic Surveys

Build Security FORCE Behavioral Models and use FORCE diagnostic tools

Assess security through the five FORCE values: failure, operations, resilience, complexity, and expertise

Facilitate people-centric security at the leadership level of your enterprise

Table of contents

Part I: Understanding Your Security Culture

Chapter 1: Information Security: Adventures in Culture Hacking

Chapter 2: Strategy for Breakfast: The Hidden Power of Security Culture

Chapter 3: Organizational Culture: A Primer

Chapter 4: People-Centric Security

Part II: Measuring Your Security Culture

Chapter 5: The Competing Security Cultures Framework

Chapter 6: The Security Culture Diagnostic Toolkit (SCDT)

Chapter 7: Creating Culture Maps with the Security Culture Diagnostic Toolkit

Chapter 8: Using the SCDT

Part III: Transforming Your Security Culture

Chapter 9: From Diagnosis to Transformation: Implementing People-Centric Security

Chapter 10: Security FORCE - A Behavioral Model for People-Centric Security

Chapter 11: The Security Value of Failure

Chapter 12: The Security Value of Operations

Chapter 13: The Security Value of Resilience

Chapter 14: The Security Value of Complexity

Chapter 15: The Security Value of Expertise

Chapter 16: Behavior and Culture: Mastering People-Centric Security

Chapter 17: Leadership, Power and Influence in People-Centric Security

Chapter 18: A People-Centric Future

Author comments

Lance Hayden, Ph.D., CISSP, CISM, is a Managing Director in the Technology Advisory Practice of BRG, an international strategy and research firm, and an adjunct faculty member within the School of Information at the University of Texas. Dr. Hayden's security career spans 25 years across the public, private, and academic sectors. He is a former HUMINT officer with the Central Intelligence Agency (CIA) and author of IT Security Metrics.