Your search keyword '"CISO"' showing total 210 results

101. Effective Security Management

Author

Charles A. Sennewald, Curtis Baillie, Charles A. Sennewald, and Curtis Baillie

Abstract

Effective Security Management, Seventh Edition teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald and Curtis Baillie bring common sense, wisdom and humor to this bestselling introduction to security management. For both new and experienced security managers, this resource is the classic book on the topic. Provides a new chapter on problem-solving, a critical skillset for effective security management Includes expanded coverage of international topics, cases and examples Features contributions from leading security experts

Published

2020

102. Handbuch Gestaltung digitaler und vernetzter Arbeitswelten

Author

Günter W. Maier, Gregor Engels, Eckhard Steffen, Günter W. Maier, Gregor Engels, and Eckhard Steffen

Subjects

Business enterprises--Computer networks--Desig

Abstract

Dieses interdisziplinäre Handbuch richtet sich an all diejenigen, die den digitalen Wandel, der im Zusammenhang mit der vierten industriellen Revolution (Industrie 4.0) diskutiert wird, in Betrieben, Verwaltungen und der Gesellschaft besser verstehen und aktiv gestalten möchten. Die einzelnen Beiträge veranschaulichen die vielfältigen Perspektiven unterschiedlicher Disziplinen (z.B. Ingenieur-, Rechts- und Wirtschaftswissenschaften, Informatik, Psychologie, Soziologie, Erziehungswissenschaft u.a.) oder Interessensgruppen (z.B. Gewerkschaften) auf die Folgen der Digitalisierung im Arbeitsleben für Mensch, Organisation und Gesellschaft. Das gesamte Werk schlägt eine Brücke von aktuellen Forschungsergebnissen hin zu praktischen Umsetzungshinweisen. Im Zentrum stehen drei zentrale Fragen zur Digitalisierung des Arbeitslebens, und zwar woran man sich bei der Gestaltung orientieren, wie die Transformation gestaltet werden und worauf sich die Digitalisierung auswirken kann. Beispielthemen dieser 3 Bereiche: 1. Im Zusammenhang mit den Gestaltungskriterien: sichere und gesundheitsförderliche Gestaltung der digitalen Arbeitsweltarbeitsrechtliche Aspektepsychologische Arbeitsgestaltung digitaler Arbeitswelten 2. Im Zusammenhang mit der Art und Weise des Wandels von analogen zu digitalen Arbeitswelten: Chancen für gesundheitsorientierte Arbeitsgestaltung durch körpernahe und tragbare Sensorik neue Aufgabenverteilung durch kollaborative Roboter im Rahmen der Mitbestimmung Prozesse durch proaktive betriebliche Interessensvertretung gestalten 3. Im Zusammenhang mit den Konsequenzen: Auswirkungen digitaler Arbeitswelten auf die Beschäftigungsstrukturen und das Privatleben Möglichkeiten dieser Entwicklung für die Inklusion älterer Menschen oder Menschen mit Behinderung ZielgruppenAnwender/innen und Entwickler/innen digitaler Technologien, Führungskräfte, Personalleiter/innen und Entscheidungsträger/innen in Unternehmen, Verbänden und der Politik

Published

2020

103. Digital Governance : Leading and Thriving in a World of Fast-Changing Technologies

Author

Jeremy Green, Stephen Daniels, Jeremy Green, and Stephen Daniels

Subjects

Management--Technological innovations, Business enterprises--Computer networks--Management, Leadership, Social responsibility of business

Abstract

Digital Governance provides managers with a simple and jargon-free introduction to the impact that digital technology can have on the governance of their organisations. Digital technology is at the heart of any enterprise today, changing business processes and the way we work. But this technology is often used inefficiently, riskily or inappropriately. Worse perhaps, many organisational leaders fail to grasp the opportunities it offers and thus fail to'transform'their organisations through the use of technology.This book provides an explanation of the basic issues around the opportunities and risks associated with digital technology. It describes the role that digital technology can play across organisations (and not just behind the locked doors of the IT department), giving boards and top management the insight to develop strategies for investing in and exploiting digital technology as well as arming them with the knowledge required to ask the right questions of specialists and to detect when the answers given are evasive or irrelevant.International in its scope, this essential book covers the fundamental principles of digital governance such as leadership, capability, accountability for value creation and transparency of reporting, integrity and ethical behaviour.

Published

2020

104. War and Peace and IT : Business Leadership, Technology, and Success in the Digital Age

Author

Mark Schwartz and Mark Schwartz

Subjects

Technological innovations--Management, Information technology--Management, Leadership

Abstract

The Business-IT Wall Must Come DownWith A Seat at the Table, thought leader Mark Schwartz pulled out a chair for CIOs at the C-suite table. Now Mark brings his unique perspective and experience to business leaders looking to lead their company into the digital age by harnessing the expertise and innovation that is already under their roof: IT. In the war for business supremacy, Schwartz shows we must throw out the old management models and stereotypes that pit suits against nerds. Instead, business leaders of today can foster a space of collaboration and shared mission, a space that puts technologists and business people on the same team. For business leaders looking to unlock their enterprise's digital transformation, War and Peace and IT provides clear context and strategies. Schwartz demystifies the role IT plays in the modern enterprise, allowing business leaders to create new strategies for the new digital battleground. It is time to change not only the enterprise's relationship with technology, but its relationship with technologists. To accelerate, enterprises must bring technology to the heart of their work, for just as technology is causing this disruption, it is technology that provides the solution. Unlike Napoleon, it is time for business leaders to come down from the hill atop the Battle of Borodino and enter the fray with the technologists, for that is where the war will be won or lost.

Published

2019

105. Using MIS

Author

David Kroenke, Randall J Boyle, David Kroenke, and Randall J Boyle

Subjects

Management information systems

Abstract

This is the eBook of the printed book and may not include any media, website access codes, or print supplements that may come packaged with the bound book. For introductory courses in IS (information systems) and MIS (management information systems).Mastering an essential business courseEngaging and comprehensive, Using MIS helps students understand all the ways information systems are transforming the businesses of today and tomorrow. Its query-based format and creative learning aids challenge students to consider how they can anticipate and participate in that transformation. The 11th edition reflects key technological advancements and their impact on business strategy, including artificial intelligence, machine learning, and cloud-based services. New guides, exercises, and topical content keep the text current with rapid shifts in MIS and its applications.Also available with MyLab MISBy combining trusted author content with digital tools and a flexible platform, MyLab personalizes the learning experience and improves results for each student. And, with MIS Decision-Making Sims and Auto-Graded Excel™ and Access™ Projects, students learn how MIS concepts will help them succeed in their future careers.Note: You are purchasing a standalone product; MyLab MIS does not come packaged with this content. Students, if interested in purchasing this title with MyLab MIS, ask your instructor to confirm the correct package ISBN and Course ID. Instructors, contact your Pearson representative for more information.If you would like to purchase both the physical text and MyLab MIS, search for:0135411238 / 9780135411230 Using MIS Plus MyLab MIS with Pearson eText -- Access Card Package, 11/ePackage consists of: 0135191769 / 9780135191767 Using MIS, 11/e 0135205492 / 9780135205495 MyLab MIS with Pearson eText -- Access Card -- for Using MIS, 11/e

Published

2019

106. Praxisorientiertes IT-Risikomanagement : Konzeption, Implementierung und Überprüfung

Author

Matthias Knoll and Matthias Knoll

Subjects

Information technology--Risk management

Abstract

IT wird immer öfter zum Enabler für neue Geschäftsmodelle. Diese Entwicklung eröffnet einerseits eine Vielzahl neuer Chancen, bringt andererseits aber auch neuartige Risiken mit sich, da die Abhängigkeit von der IT steigt und die Komplexität zunimmt. Damit Chancen optimal genutzt werden können, ist ein integriertes IT-Risikomanagement notwendig. Es führt alle Fachdisziplinen, die bereits Risiken im IT-Kontext betrachten und behandeln, für eine bestmögliche Risikobeherrschung mit der IT zusammen. Das Buch beschreibt praxisorientiert und systematisch die Grundlagen sowie Organisationsstrukturen und Elemente des IT-Risikomanagementprozesses. Dabei werden gängige Methoden und Dokumente sowie der Einsatz von Werkzeugen anhand von zahlreichen Beispielen aus der Praxis erläutert. Ein Schwerpunkt liegt auf der schrittweisen Einführung und konsequenten Umsetzung des IT-Risikomanagements in IT-Projekten und im Betrieb in allen Organisationen, gleich welcher Größenordnung. Darüber hinaus gibt der Autor Antworten auf aktuelle Fragen zum Umgang mit Risiken aus Virtualisierung, Cloud Computing oder dem Einsatz von Geräten für das Internet der Dinge. Handlungsempfehlungen, Praxishinweise, Checklisten und Vorlagen geben Anregungen, wie IT-Risikomanagement operativ umgesetzt werden kann. Der Anhang des Buches enthält u.a. eine Übersicht über Normen, Standards und weitere Vorgaben für das IT-Risikomanagement sowie ein Glossar. Die 2. Auflage wurde komplett überarbeitet und um Themen wie DevOps/DevSec, Schatten-IT, Industrie 4.0 und datenbasierte Geschäftsmodelle erweitert.

Published

2019

107. Management Information Systems : Managing the Digital Firm

Author

Kenneth C. Laudon, Jane P. Laudon, Kenneth C. Laudon, and Jane P. Laudon

Subjects

Management information systems

Abstract

This is the eBook of the printed book and may not include any media, website access codes, or print supplements that may come packaged with the bound book. For introductory courses in IS (information systems) and MIS (management information systems).The authoritative, case-based study of IS in business todayManagement Information Systems: Managing the Digital Firm provides the most comprehensive overview of information systems used by business firms today, while drawing connections between MIS and business performance. The Laudons are known for their outstanding real-world case studies, which describe how well-known companies use IT to solve problems and achieve business objectives. Students develop sought-after skills, such as leading IS-related management discussions and using IT to meet bottom-line results. Each chapter of the 16th edition features all-new Interactive Sessions, new Video Cases, and a new Career Opportunities section building practical job-seeking skills.Also available with MyLab MISBy combining trusted author content with digital tools and a flexible platform, MyLab™ personalizes the learning experience and improves results for each student. And, with MIS Decision-Making Sims and Auto-Graded Excel and Access Projects, students learn how MIS concepts will help them succeed in their future careers.Note: You are purchasing a standalone product; MyLab MIS does not come packaged with this content. Students, if interested in purchasing this title with MyLab MIS, ask your instructor to confirm the correct package ISBN and Course ID. Instructors, contact your Pearson representative for more information.If you would like to purchase both the physical text and MyLab MIS, search for:0135409098 / 9780135409091 Management Information Systems: Managing the Digital Firm Plus MyLab MIS with Pearson eText -- Access Card Package, 16/ePackage consists of: 0135191793 / 9780135191798 Management Information Systems: Managing the Digital Firm, 16/e 0135205565 / 9780135205563 MyLab MIS with Pearson eText -- Access Card -- for Management Information Systems: Managing the Digital Firm, 16/e

Published

2019

108. Pervasive Intelligence Now : Enabling Game-Changing Outcomes in the Age of Exponential Data

Author

Anu Jain and Anu Jain

Subjects

Organizational change, Management--Statistical methods, Business intelligence, Strategic planning

Abstract

This book looks at strategies to help companies become more intelligent, connected, and agile. It discusses how companies can define and measure high-impact outcomes and use effectively analytics technology to achieve them. It also looks at the technology needed to implement the analytics necessary to achieve high-impact outcomes—from both analytics tool and technical infrastructure perspective. Also discussed are ancillary, but critical, topics such as data security and governance that may not traditionally be a part of analytics discussions but are essential in helping companies maintain a secure environment for their analytics and access the quality data they need to gain critical insights and drive better decision-making.

Published

2019

109. Praxisorientiertes IT-Risikomanagement : Konzeption, Implementierung und Überprüfung

Author

Matthias Knoll and Matthias Knoll

Abstract

IT wird immer öfter zum Enabler für neue Geschäftsmodelle. Diese Entwicklung eröffnet einerseits eine Vielzahl neuer Chancen, bringt andererseits aber auch neuartige Risiken mit sich, da die Abhängigkeit von der IT steigt und die Komplexität zunimmt. Damit Chancen optimal genutzt werden können, ist ein integriertes IT-Risikomanagement notwendig. Es führt alle Fachdisziplinen, die bereits Risiken im IT-Kontext betrachten und behandeln, für eine bestmögliche Risikobeherrschung mit der IT zusammen. Das Buch beschreibt praxisorientiert und systematisch die Grundlagen sowie Organisationsstrukturen und Elemente des IT-Risikomanagementprozesses. Dabei werden gängige Methoden und Dokumente sowie der Einsatz von Werkzeugen anhand von zahlreichen Beispielen aus der Praxis erläutert. Ein Schwerpunkt liegt auf der schrittweisen Einführung und konsequenten Umsetzung des IT-Risikomanagements in IT-Projekten und im Betrieb in allen Organisationen, gleich welcher Größenordnung. Darüber hinaus gibt der Autor Antworten auf aktuelle Fragen zum Umgang mit Risiken aus Virtualisierung, Cloud Computing oder dem Einsatz von Geräten fu?r das Internet der Dinge. Handlungsempfehlungen, Praxishinweise, Checklisten und Vorlagen geben Anregungen, wie IT-Risikomanagement operativ umgesetzt werden kann. Der Anhang des Buches enthält u.a. eine Übersicht u?ber Normen, Standards und weitere Vorgaben fu?r das IT-Risikomanagement sowie ein Glossar. Die 2. Auflage wurde komplett überarbeitet und um Themen wie DevOps/DevSec, Schatten-IT, Industrie 4.0 und datenbasierte Geschäftsmodelle erweitert.Prof. Dr. Matthias Knoll, CISA, ist Professor für Betriebswirtschaftslehre an der Hochschule Darmstadt. Sein Spezialgebiet ist die betriebliche Informationsverarbeitung mit den Schwerpunkten GRC-Management, IT-Prüfung und IT-Controlling. Er studierte an der Universität Stuttgart technisch orientierte Betriebswirtschaftslehre mit den Schwerpunkten Organisation, Wirtschaftsinformatik und Nachrichtentechnik. Im Jahr 2000 promovierte er über die Fragestellung der Abbildung und Steuerung organisationsübergreifender Geschäftsprozesse mit objektorientierten CSCW-Systemen. Es folgte bis zur Berufung an die Hochschule Darmstadt eine sechsjährige Tätigkeit im BI-Umfeld in der IT-Abteilung eines großen Finanzdienstleisters in Baden-Württemberg.

Published

2019

110. Security Awareness : Grundlagen, Maßnahmen und Programme für die Informationssicherheit

Author

Stefan Beißel and Stefan Beißel

Subjects

Information technology--Security measures, Computer security--Management

Abstract

Die Awareness für Informationssicherheit gewinnt aufgrund einer steigenden Bedrohungslage und immer strengerer Compliance-Anforderungen zunehmend an Bedeutung. Das Buch bietet eine fundierte Einführung in die Awareness und eine Handlungshilfe für die Gestaltung und Umsetzung von geeigneten Maßnahmen. Es vermittelt auch Wissen darüber, welche Verknüpfungen die Awareness zu anderen Fachbereichen besitzt. Unter anderem werden Risikomanagement, Wirtschaftlichkeit, Governance, Compliance und Lernpsychologie betrachtet. Mit dem Kapitel Einführung werden Einblicke in die heutigen Gefahren für Informationen und die Bedeutung der Awareness gegeben. Außerdem ist ein Ausblick zu den weiteren Inhalten des Buchs enthalten. Das Kapitel Grundlagen adressiert drei fundamentale Bereiche, auf denen die Awareness basiert: Die Informationssicherheit wird in Bezug auf die begrifflichen Grundlagen und einer risikoorientierten und wirtschaftlichen Betrachtung von Awareness-Maßnahmen erläutert. Die Verhaltenssteuerung wird aus lernpsychologischer Sicht betrachtet und verhilft zu wichtigen Erkenntnissen über fundamentale Erfolgsfaktoren in der Awareness. Die Governance der Awareness verdeutlicht die Einbettung von Steuerungsmaßnahmen auf der Führungsebene des Unternehmens und veranschaulicht Awareness aus strategischer und taktischer Sicht. Das Kapitel Awareness-Maßnahmen beschreibt alle Aspekte, die beim Verstehen und Gestalten dieser Maßnahmen interessant sind. Dabei wird erläutert, was sie bezwecken, wer durch sie adressiert werden kann, welche Medien infragekommen und wie sie im Unternehmen umgesetzt und integriert werden können. Auch die Nutzung von Synergien und die Erfüllung von Compliance-Vorgaben werden betrachtet. Das Kapitel Awareness-Programme geht auf alle Phasen ein, die durchlaufen werden sollten, wenn ein Bündel von Awareness-Maßnahmen strukturiert vorbereitet und umgesetzt wird. Darunter befinden sich z.B. Anforderungs- und Bedarfsanalysen, um sowohl Compliance-Vorgaben als auch unternehmensspezifische Sicherheitsanforderungen einzubeziehen. Verschiedene Modelle und Methoden zeigen auf, wie Planung, Implementierung und Beurteilung unterstützt werden können. Ein praxisorientiertes Fallbeispiel erhöht die Verständlichkeit und erleichtert die Anwendung. Im Kapitel Zusammenfassung werden die wesentlichen Informationen nochmals in komprimierter Weise dargestellt. Damit kann der Leser einen schnellen Einblick in die Thematik gewinnen und in kurzer Zeit ein Grundgerüst für die Awareness im Unternehmen zusammenstellen. Das Buch vereint theoretische Hintergründe zur Awareness mit praktischen Methoden zur Gestaltung und Umsetzung von Maßnahmen bis hin zu komplexen Programmen. Das Buch kann zur ersten Orientierung in der Awareness genauso verwendet werden wie zur Recherche und als Leitfaden. Dr. Stefan Beißel (CISM, CISA, CISSP, PMP) ist Leiter für Informationssicherheit und Risikomanagement bei einem führenden europäischen Dienstleister für Straßenbenutzungsgebühren, besitzt Erfahrung als Hochschuldozent und promovierte an der Fakultät für Wirtschaftswissenschaften der Universität Duisburg-Essen.

Published

2019

111. Strategic IT Governance and Performance Frameworks in Large Organizations

Author

Yassine Maleh, Abdelkebir Sahid, Mustapha Belaissaoui, Yassine Maleh, Abdelkebir Sahid, and Mustapha Belaissaoui

Subjects

Information technology--Management

Abstract

As digitization continues to bring rapid changes to businesses, companies must remain agile in order to comply with changing regulations and maintain governance and compliance while achieving its business objectives. To achieve this agility, IT staff within these companies must be able to respond quickly to changing business needs while maintaining existing and efficient infrastructure. Strategic IT Governance and Performance Frameworks in Large Organizations is an essential reference source that provides emerging frameworks and models that implement an efficient strategic IT governance in organizations and discusses the effects these policies have on the business as a whole. Featuring six international case studies from large organizations, this title covers topics such as IT management, security policy, and organizational governance, and is ideally designed for IT specialists, academicians, researchers, policymakers, and managers.

Published

2019

112. IT Management in the Digital Age : A Roadmap for the IT Department of the Future

Author

Nils Urbach, Frederik Ahlemann, Nils Urbach, and Frederik Ahlemann

Subjects

Strategic planning, Information technology--Management

Abstract

This book examines the massive changes currently taking place in the business world and commonly known under the label “digitalization.” In addition, it describes the significant impacts of technological innovations on processes, products, services and business models. The digital transformation resulting from these developments leads to disruption for many enterprises and industries. While for many years, IT departments mainly concentrated on fulfilling the requirements of business departments effectively and efficiently by means of high-quality IT services and operations, today's IT departments are increasingly expected to actively co-design and co-create the enterprise. This book describes how information technology enables innovation for businesses, and how IT departments can proactively and in a timely manner collaborate with the business departments of their corporation to leverage these innovations. It also delineates the implications of digitalization for the structures, processes and people in today's IT departments. IT leaders and managers who are responsible for corporate IT, as well as practice-oriented researchers, will find valuable inspirations and guidance in this book, the central mission of which is to encourage and enable a more proactive role for IT in the digital transformation processes.'This book demonstrates the impact of digital transformation on IT organizations and their management. It also presents potential risks for technology availability, security and data protection. The authors develop a vision of what IT management should look like in ten years if it is to continue playing an important role in the company. The book seeks to motivate IT executives and managers with IT responsibility to actively adapt their thinking and their IT organizations before they are forced to react to external pressure. Definitely worth reading!'Sven Kreimendahl, Director Business Technology Services, Campana & Schott

Published

2019

113. Security and Loss Prevention : An Introduction

Author

Philip Purpura and Philip Purpura

Subjects

Employee theft--Prevention

Abstract

Security and Loss Prevention: An Introduction, Seventh Edition, provides introductory and advanced information on the security profession. Security expert, Phil Purpura, CPP, includes updates on security research, methods, strategies, technologies, laws, issues, statistics and career options, providing a comprehensive and interdisciplinary book that draws on many fields of study for concepts, strategies of protection and research. The book explains the real-world challenges facing security professionals and offers options for planning solutions. Linking physical security with IT security, the book covers internal and external threats to people and assets and private and public sector responses and issues. As in previous editions, the book maintains an interactive style that includes examples, illustrations, sidebar questions, boxed topics, international perspectives and web exercises. In addition, course instructors can download ancillaries, including an instructor's manual with outlines of chapters, discussion topics/special projects, essay questions, and a test bank and PowerPoint presentation for each chapter. Covers topics including Enterprise Security Risk Management, resilience, the insider threat, active assailants, terrorism, spies, the Internet of things, the convergence of physical security with IT security, marijuana legalization, and climate change Emphasizes critical thinking as a tool for security and loss prevention professionals who must think smarter as they confront a world filled with many threats such as violence, cyber vulnerabilities, and security itself as a soft target Utilizes end-of-chapter problems that relate content to real security situations and issues Serves both students and professionals interested in security and loss prevention for a wide variety of operations—industrial, critical infrastructure sectors, retail, healthcare, schools, non-profits, homeland security agencies, criminal justice agencies, and more

Published

2019

114. Business Information Systems : 22nd International Conference, BIS 2019, Seville, Spain, June 26–28, 2019, Proceedings, Part I

Author

Witold Abramowicz, Rafael Corchuelo, Witold Abramowicz, and Rafael Corchuelo

Subjects

Application software, Business information services, Data mining, Quantitative research, Software engineering

Abstract

The two-volume set LNBIP 353 and 354 constitutes the proceedings of the 22nd International Conference on Business Information Systems, BIS 2019, held in Seville, Spain, in June 2019. The theme of the BIS 2019 was'Data Science for Business Information Systems', inspiring researchers to share theoretical and practical knowledge of the different aspects related to Data Science in enterprises. The 67 papers presented in these proceedings were carefully reviewed and selected from 223 submissions. The contributions were organized in topical sections as follows: Part I: Big Data and Data Science; Artificial Intelligence; ICT Project Management; and Smart Infrastructure. Part II: Social Media and Web-based Systems; and Applications, Evaluations and Experiences.

Published

2019

115. Enterprise Architecture for Global Companies in a Digital IT Era : Adaptive Integrated Digital Architecture Framework (AIDAF)

Author

Yoshimasa Masuda, Murlikrishna Viswanathan, Yoshimasa Masuda, and Murlikrishna Viswanathan

Subjects

Cloud computing, Computer network architectures, Management information systems, Information technology

Abstract

This book investigates solutions incorporated by architecture boards in global enterprises to resolve issues and mitigate related architecture risks, while also proposing and implementing an adaptive integrated digital architecture framework (AIDAF) and related models and approaches/platforms, which can be applied in companies to promote IT strategies using cloud/mobile IT/digital IT. The book is divided into three main parts, the first of which (Chapters 1–2) addresses the background and motivation for AIDAF aligned with digital IT strategies. The second part (Chapter 3) provides an overview of strategic enterprise architecture (EA) frameworks for digital IT, elaborates on the essential elements of EA frameworks in the digital IT era, and advocates using AIDAF, models for architecture assessment/risk management, knowledge management on digital platforms. In turn, the third part (Chapters 4–7) demonstrates the application and benefits of AIDAF and relatedmodels, as shown in three case studies. “I found this book to be a very nice contribution to the EA community of practice. I can recommend this book as a textbook for digital IT strategists/practitioners, EA practitioners, students in universities and graduate schools.” (From the Foreword by Scott A. Bernard) “In this new age of the digital information society, it is necessary to advocate a new EA framework. This book provides state-of-the art knowledge and practices about EA frameworks beneficial for IT practitioners, IT strategists, CIO, IT architects, and even students. It serves as an introductory textbook for all who drive the information society in this era.”(From the Foreword by Jun Murai)

Published

2019

116. Cyber Risk Management : Prioritize Threats, Identify Vulnerabilities and Apply Controls

Author

Christopher J Hodson and Christopher J Hodson

Subjects

Industrial management, Cyberspace--Security measures--Management

Abstract

Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant. Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls, including malware, data leakage, insider threat and Denial-of-Service. Examples and use cases including Yahoo, Facebook and TalkTalk, add context throughout and emphasize the importance of communicating security and risk effectively, while implementation review checklists bring together key points at the end of each chapter. Cyber Risk Management analyzes the innate human factors around risk and how they affect cyber awareness and employee training, along with the need to assess the risks posed by third parties. Including an introduction to threat modelling, this book presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on responding to risks which are applicable for the environment and not just based on media sensationalism.

Published

2019

117. Cybersecurity : The Insights You Need From Harvard Business Review

Author

Harvard Business Review, Alex Blau, Andrew Burt, Boris Groysberg, Roman V. Yampolskiy, Harvard Business Review, Alex Blau, Andrew Burt, Boris Groysberg, and Roman V. Yampolskiy

Subjects

Business enterprises--Security measures, Computer security

Abstract

No data is completely safe.Cyberattacks on companies and individuals are on the rise and growing not only in number but also in ferocity. And while you may think your company has taken all the precautionary steps to prevent an attack, no individual, company, or country is safe. Cybersecurity can no longer be left exclusively to IT specialists. Improving and increasing data security practices and identifying suspicious activity is everyone's responsibility, from the boardroom to the break room.Cybersecurity: The Insights You Need from Harvard Business Review brings you today's most essential thinking on cybersecurity, from outlining the challenges to exploring the solutions, and provides you with the critical information you need to prepare your company for the inevitable hack. The lessons in this book will help you get everyone in your organization on the same page when it comes to protecting your most valuable assets.Business is changing. Will you adapt or be left behind?Get up to speed and deepen your understanding of the topics that are shaping your company's future with the Insights You Need from Harvard Business Review series. Featuring HBR's smartest thinking on fast-moving issues--blockchain, cybersecurity, AI, and more--each book provides the foundational introduction and practical case studies your organization needs to compete today and collects the best research, interviews, and analysis to get it ready for tomorrow. You can't afford to ignore how these issues will transform the landscape of business and society. The Insights You Need series will help you grasp these critical ideas--and prepare you and your company for the future.

Published

2019

118. A Leader's Guide to Cybersecurity : Why Boards Need to Lead--and How to Do It

Author

Thomas J. Parenty, Jack J. Domet, Thomas J. Parenty, and Jack J. Domet

Subjects

Organizational behavior, Business planning, Computer security, Boards of directors

Abstract

Cybersecurity threats are on the rise. As a leader, you need to be prepared to keep your organization safe.Companies are investing an unprecedented amount of money to keep their data and assets safe, yet cyberattacks are on the rise--and the problem is worsening. No amount of technology, resources, or policies will reverse this trend. Only sound governance, originating with the board, can turn the tide.Protection against cyberattacks can't be treated as a problem solely belonging to an IT or cybersecurity department. It needs to cast a wide and impenetrable net that covers everything an organization does--from its business operations, models, and strategies to its products and intellectual property. And boards are in the best position to oversee the needed changes to strategy and hold their companies accountable. Not surprisingly, many boards aren't prepared to assume this responsibility.In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who have spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies'cybersecurity activities. This includes:Understanding cyber risks and how best to control themPlanning and preparing for a crisis--and leading in its aftermathMaking cybersecurity a companywide initiative and responsibilityDrawing attention to the nontechnical dynamics that influence the effectiveness of cybersecurity measuresAligning the board, executive leadership, and cybersecurity teams on prioritiesFilled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

Published

2019

119. Information Technology Control and Audit, Fifth Edition

Author

Angel R. Otero and Angel R. Otero

Subjects

Electronic data processing, Information technology

Abstract

The new fifth edition of Information Technology Control and Audit has been significantly revised to include a comprehensive overview of the IT environment, including revolutionizing technologies, legislation, audit process, governance, strategy, and outsourcing, among others. This new edition also outlines common IT audit risks, procedures, and involvement associated with major IT audit areas. It further provides cases featuring practical IT audit scenarios, as well as sample documentation to design and perform actual IT audit work. Filled with up-to-date audit concepts, tools, techniques, and references for further reading, this revised edition promotes the mastery of concepts, as well as the effective implementation and assessment of IT controls by organizations and auditors. For instructors and lecturers there are an instructor's manual, sample syllabi and course schedules, PowerPoint lecture slides, and test questions. For students there are flashcards to test their knowledge of key terms and recommended further readings. Go to http://routledgetextbooks.com/textbooks/9781498752282/ for more information.

Published

2019

120. Advances in Enterprise Engineering XII : 8th Enterprise Engineering Working Conference, EEWC 2018, Luxembourg, Luxembourg, May 28 – June 1, 2018, Proceedings

Author

David Aveiro, Giancarlo Guizzardi, Sérgio Guerreiro, Wided Guédria, David Aveiro, Giancarlo Guizzardi, Sérgio Guerreiro, and Wided Guédria

Subjects

Application software, Business information services, Information technology—Management, Data protection

Abstract

This book constitutes the proceedings of the 8th Enterprise Engineering Working Conference, EEWC 2018, held in Luxembourg, Luxembourg, in May/June 2018. EEWC aims at addressing the challenges that modern and complex enterprises are facing in a rapidly changing world. The participants of the working conference share a belief that dealing with these challenges requires rigorous and scientific solutions, focusing on the design and engineering of enterprises. The goal of EEWC is to stimulate interaction between the different stakeholders, scientists as well as practitioners, interested in making Enterprise Engineering a reality. The 9 full papers and 3 short papers presented in this volume were carefully reviewed and selected from 24 submissions. They were organized in topical sections named: on architecture; on security and blockchain; on DEMO; and on teaching.

Published

2018

121. Managing Cybersecurity Risk : Cases Studies and Solutions

Author

Jonathan Reuvid and Jonathan Reuvid

Subjects

Computer crimes--Prevention, Data protection, Business enterprises--Computer networks--Security measures, Corporations--Security measures, Computer security

Abstract

The first edition, published November 2016, was targeted at the directors and senior managers of SMEs and larger organisations that have not yet paid sufficient attention to cybersecurity and possibly did not appreciate the scale or severity of permanent risk to their businesses. The book was an important wake-up call and primer and proved a significant success, including wide global reach and diverse additional use of the chapter content through media outlets. The new edition, targeted at a similar readership, will provide more detailed information about the cybersecurity environment and specific threats. It will offer advice on the resources available to build defences and the selection of tools and managed services to achieve enhanced security at acceptable cost. A content sharing partnership has been agreed with major technology provider Alien Vault and the 2017 edition will be a larger book of approximately 250 pages.

Published

2018

122. The Digital Transformation of the Automotive Industry : Catalysts, Roadmap, Practice

Author

Uwe Winkelhake and Uwe Winkelhake

Subjects

Automobiles--Automatic control, Automobiles--Electronic equipment, Automobiles--Design and construction--Technological innovations, Automobile industry and trade--Technological innovations

Abstract

Building on his decades of experience as a consultant and project manager in the automotive industry, the author develops comprehensive and pragmatic recommendations for action regarding the digital transformation of the automotive and supplier industries. At the heart is the transition from a vehicle-focused to a mobility-oriented business model. Based on the catalysts of the digital change, four digitisation fields are structured, and a roadmap for their transformation is presented. The topics of comprehensive change in corporate culture and an agile and efficient information technology are covered in detail as vital success factors. Selected practical examples of innovative digitisation projects provide additional ideas and impulses. An outlook on the automotive industry in the year 2040 completes the discourse.

Published

2018

123. Easy Steps to Managing Cybersecurity

Author

Jonathan Reuvid and Jonathan Reuvid

Subjects

Internet of things-Security measures

Abstract

An introductory guide to managing cybersecurity for businesses. How to prevent, protect and respond to threats.Providing an insight to the extent and scale a potential damage could cause when there is a breech in cyber security. It includes case studies and advice from leading industry professionals, giving you the necessary strategies and resources to prevent, protect and respond to any threat:Introduction to cyber securitySecurity frameworkSupport services for UK public and private sectorsCyber security developmentsRouting a map for resilienceProtecting financial dataCountermeasures to advance threatsManaging incidents and breachesPreparing for further threatsUpdating contingency plans

Published

2018

124. The Secure CiO : How to Hire and Retain Great Cyber Security Talent to Protect Your Organisation

Author

Claire Pales and Claire Pales

Subjects

Employee selection, Computer security--Management

Abstract

Are you a CIO currently leading, or would like to lead, cyber or information security professionals? Do you find the idea of going to market in search of a security leader a daunting task? The current security job market has become increasingly difficult to navigate for hiring managers and candidates alike. Many roles globally, sit vacant for months and the uncertainty this can cause for CIOs, on top of their mounting workload, is difficult to address and causes increased risk for the organisation. This book provides a step-by-step framework to address the challenges of finding and retaining cyber security leaders. Guiding CIOs and their peers through the establishment of a Security Agenda, this straightforward framework doesn't end at contract signing. From establishing non-negotiable traits to ensuring the new leader effectively transitions into the role, The Secure CIO removes the burden of hiring a cyber security leader. Written by respected information security blogger, Claire Pales, this book is for any CIO leading security staff - whether currently hiring or still considering the best way to address cyber risk in an organisation.

Published

2018

125. Strategic Information Technology : Best Practices to Drive Digital Transformation

Author

Arthur M. Langer, Lyle Yorks, Arthur M. Langer, and Lyle Yorks

Subjects

Information technology--Management, Strategic planning, Chief information officers

Abstract

Successfully navigate the changing face of the CIO role Strategic Information Technology offers CIOs a handbook for engaging with the senior management conversations surrounding strategy. The CIO role is currently undergoing a massive transition from technology-focused expert to a more strategic mindset, and this book provides proven methods for taking your seat at the table. Lessons from high-performing CIOs and a wealth of leading-edge insight provide invaluable guidance for positioning technology as a strategic driver across the business, while a focus on building the necessary connections—for example, an alliance between IT and HR—provide a multimodal approach to navigating the transition. The evolution of the CIO's role involves more than simply technical knowledge; the new CIO must be an influencer, an engager, and just as adept at the soft skills that become increasingly crucial as you climb the management ladder. It's about changing mindsets, translating hard skills into strategic advantages, and demonstrating IT's value to the strategic decision making process. This book provides best practices, illustrative examples, and up-to-date perspective for CIOs wanting to: Position IT as a critical driver of overall strategy Build on functional expertise with strategic insight Learn from the stories of successful tech-to-strategy transformations Engage C-Suite peers in shaping the strategic conversation Not long ago, the CIO occupied a unique place in the C-Suite. Executive by title, CIOs have nevertheless been seen as predominantly the “chief tech expert” with little input into strategy, as IT has historically been regarded as a tool rather than a source of competitive advantage. The truth is becoming increasingly apparent, with companies around the world turning to technology in order to gain a competitive edge, and CIOs are beginning to claim their place in strategy discussions. Strategic Information Technology offers much needed guidance for a successful transformation.

Published

2018

126. The Chief Data Officer's Playbook

Author

Caroline Carruthers, Peter Jackson, Caroline Carruthers, and Peter Jackson

Subjects

Data protection--Guidebooks, Database management--Guidebooks, Information resources management, Management information systems

Abstract

The new and rapidly expanding role of the Chief Data Officer (CDO) is of significant interest and relevance to organisations and data professionals internationally. Written by two practicing CDOs, this book offers a jargon-free, practical guide to making better decisions based on data. Content covered includes: why does any organisation need a CDO? the secret ingredients of the successful CDO avoiding the hype cycle building the CDO team who leads the technology? the CDO and data governance: enablement not red tape. This book will offer key insight for CDOs looking to understand their position better, for aspiring CDOs and data officers looking at career progression, for those recruiting CDOs, and offers essential knowledge for anyone else operating in the current data environment.

Published

2018

127. Processes, Systems, and Information : An Introduction to MIS

Author

Earl H. McKinney Jr, David M. Kroenke, Earl H. McKinney Jr, and David M. Kroenke

Abstract

For introductory courses in Management Information Systems A process focus that's engaging, relevant, and easy to teach Transform your MIS course with Processes, Systems, and Information: An Introduction to MIS – a hands-on, process approach to business. Earl H. McKinney, Jr., and David M. Kroenke show students exactly how businesses use information systems and technology to create competitive strategies, support business processes, and accomplish their goals. Complete with numerous examples of business situations, this book helps students understand what business systems actually are and why they're so important. In the 3rd Edition, you'll find a reflection of the current technological landscape, coverage of technologies new to the business scene, and a strong emphasis on security. Its clear and concise presentation, within the process context, makes Processes, Systems, and Information the ideal book for majors and non-majors alike. Non-majors will see the vital role IS plays in supporting their business processes. Also available with MyLab MIS MyLab™ is the teaching and learning platform that empowers you to reach every student. By combining trusted author content with digital tools and a flexible platform, MyLab personalizes the learning experience and improves results for each student. And, with Decision-Making Mini Simulations and Auto-Graded Excel and Access Projects, students learn how MIS concepts will help them succeed in their future careers. Note: You are purchasing a standalone product; MyLab MIS does not come packaged with this content. Students, if interested in purchasing this title with MyLab MIS, ask your instructor for the correct package ISBN and Course ID. Instructors, contact your Pearson representative for more information. If you would like to purchase both the physical text and MyLab MIS, search for: 0134854446 / 9780134854441 MyLab MIS with Pearson eText for Processes, Systems, and Information: An Introduction to MIS -- Access Card Package, 3/e Package consists of: 0134827007 / 9780134827001 Processes, Systems, and Information: An Introduction to MIS, 3rd Edition 013486722X / 9780134867229 MyLab MIS with Pearson eText — Access Card — for Processes, Systems, and Information: An Introduction to MIS

Published

2018

128. Innovative Applications of Knowledge Discovery and Information Resources Management

Author

Susan Swayze, Valerie Ford, Susan Swayze, and Valerie Ford

Subjects

Management information systems, Information services, Information resources management, Knowledge management

Abstract

Technological advancements have become an integral part of life, impacting the way we work, communicate, make decisions, learn, and play. As technology continually progresses, humans are being outpaced by its capabilities, and it is important for businesses, organizations, and individuals to understand how to optimize data and to implement new methods for more efficient knowledge discovery and information management and retrieval. Innovative Applications of Knowledge Discovery and Information Resources Management offers in-depth coverage on the pervasiveness of technological change with a collection of material on topics such as the impact of permeable work-life boundaries, burnout and turnover, big data usage, and computer-based learning. It proves a worthy source for academicians, practitioners, IT leaders, IT professionals, and advanced-level students interested in examining the ways in which technology is changing the world.

Published

2018

129. Always-On Enterprise Information Systems for Modern Organizations

Author

Bajgorić, Nijaz, IGI Global, Bajgorić, Nijaz, and IGI Global

Subjects

Business enterprises--Computer networks, Management information systems, Information technology--Management, Client/server computing, Electronic commerce

Abstract

Continuous improvements in digitized practices have created opportunities for businesses to develop more streamlined processes. This not only leads to higher success in day-to-day production, but it increases the overall success of businesses. Always-On Enterprise Information Systems for Modern Organizations is a critical scholarly resource that examines how EIS implementations support business processes and facilitate this in today's e-business environment. Featuring coverage on a broad range of topics such as customer relations management, supply chain management, and business intelligence, this book is geared towards professionals, researchers, managers, consultants, and university students interested in emerging developments for business process management.

Published

2018

130. Intro to GDPR : A Plain English Guide to Compliance

Author

Punit Bhatia and Punit Bhatia

Subjects

Privacy, Right of--European Union countries, Data protection--Law and legislation--European Union countries

Abstract

Intro to GDPR is written by experienced data protection professional Punit Bhatia. Bhatia has served as the Privacy and Protection Officer in an EU-based bank and lecturer at the Solvay Brussels School of Economics and Management. He is Certified Information Privacy Professional ‑ Europe (CIPP-E), Certified Information Privacy Manager (CIPM), and Certified Outsourcing Professional (COP). Bhatia will lead you through the complex journey to the GDPR compliance with the simple language and many practical examples. Whether you are a complete beginner or experienced data protection practitioner this book is the right resource for you. Intro to GDPR is a complete guide to compliance. Bhatia uses the simple language, understandable to everyone in order to lead you from the introduction all the way to getting your organization GDPR compliant. In this book you will learn: 1. Which organisations need to be compliant with the GDPR? 2. Key terms in the GDPR. You will get familiarized with key terms that form the basis of the GDPR. You will learn definitions of terms: “Personal data”, “Special categories of personal data”, “Processing” difference between terms “Controller” and “Processor” and others. 3. Myths about the GDPR like “the GDPR is only applicable in the EU”, “The GDPR is about fines” and others. 4. Transparency through the privacy notice. As written in the book, “transparency is one of the key principles in the EU GDPR” so it is important to understand what is transparency and privacy notice but also what are the key requirements and contents of a privacy notice. 5. Data breaches. “GDPR requirements on data breaches are different for controllers and for processors” – this chapter will make you aware of data breach requirements and key actions that are required once a breach is detected. 6. What is the first thing to do to become compliant and what are the key factors to remain compliant with the GDPR, and much more. Written in plain English, with many practical examples, Intro to GDPR is the only book you need on the subject of GDPR.

Published

2018

131. Business Continuity Management in Outsourcing-Beziehungen : Risiken, Maßnahmen und Fallstudien

Author

Simon Erb and Simon Erb

Subjects

Industrial management--Case studies, Contracting out--Case studies

Abstract

Simon Erb analysiert relevante Business-Continuity-Risiken, die entstehen, wenn Unternehmen kritische IT-Systeme an unabhängige Provider auslagern, und arbeitet mögliche risikomindernde Maßnahmen systematisch auf. Anhand von Fallstudien bei funf großen schweizer Unternehmen zeigt er auf, welche Maßnahmen diese Unternehmen tatsächlich umsetzen und welche Faktoren die Assimilation von BCM in Outsourcing-Beziehungen positiv beeinflussen. Mit Business Continuity Management stellen Unternehmen sicher, dass kritische Geschäftsprozesse beim Eintritt von schwerwiegenden Ereignissen fortgeführt werden können. Outsourcing führt dazu, dass nicht mehr alle Business-Continuity-Risiken direkt durch das auslagernde Unternehmen gesteuert werden können. Deshalb müssen diese Risiken gesondert berücksichtigt werden.

Published

2017

132. Building a Practical Information Security Program

Author

Jason Andress, Mark Leary, Jason Andress, and Mark Leary

Subjects

Computer networks--Security measures, Information storage and retrieval systems--Security measures, Computer security

Abstract

Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to'go big or go home,'explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results. - Provides a roadmap on how to build a security program that will protect companies from intrusion - Shows how to focus the security program on its essential mission and move past FUD (fear, uncertainty, and doubt) to provide business value - Teaches how to build consensus with an effective business-focused program

Published

2017

133. Beginning Power BI : A Practical Guide to Self-Service Data Analytics with Excel 2016 and Power BI Desktop

Author

Dan Clark and Dan Clark

Subjects

Business--Data processing, Information visualization--Computer programs, Business intelligence--Computer programs, Visual analytics, Management--Data processing

Abstract

Analyze your company's data quickly and easily using Microsoft's latest tools. You will learn to build scalable and robust data models to work from, clean and combine different data sources effectively, and create compelling visualizations and share them with your colleagues.Author Dan Clark takes you through each topic using step-by-step activities and plenty of screen shots to help familiarize you with the tools. This second edition includes new material on advanced uses of Power Query, along with the latest user guidance on the evolving Power BI platform. Beginning Power BI is your hands-on guide to quick, reliable, and valuable data insight.What You'll LearnSimplify data discovery, association, and cleansingBuild solid analytical data modelsCreate robust interactive data presentationsCombine analytical and geographic data in map-based visualizationsPublish and share dashboards and reportsWho This Book Is ForBusiness analysts, database administrators, developers, and other professionals looking to better understand and communicate with data

Published

2017

134. From Corporate Security to Commercial Force : A Business Leader's Guide to Security Economics

Author

Marko Cabric and Marko Cabric

Subjects

Security systems, Computer security

Abstract

From Corporate Security to Commercial Force: A Business Leader's Guide to Security Economics addresses important issues, such as understanding security related costs, the financial advantages of security, running an efficient security organization, and measuring the impact of incidents and losses. The book guides readers in identifying, understanding, quantifying, and measuring the direct and economic benefits of security for a business, its processes, products, and consequently, profits. It quantifies the security function and explains the never-before analyzed tangible advantages of security for core business processes. Topics go far beyond simply proving that security is an expense for a company by providing business leaders and sales and marketing professionals with actual tools that can be used for advertising products, improving core services, generating sales, and increasing profits. - Highlights and offers insight on issues such as the role of security in advertising and its actual marketing appeal and sales potential - Features tools that can be implemented by readers in order to improve key business processes - Offers advice for improving key business processes, improving the reputation of the company, the marketing appeal of products, (or services) and helping to increase sales

Published

2017

135. The Innovator’s Imperative : Rapid Technology Adoption for Digital Transformation

Author

Stephen J Andriole, Thomas Cox, Kaung M. Khin, Stephen J Andriole, Thomas Cox, and Kaung M. Khin

Subjects

Technology transfer, Technology--Social aspects, Disruptive technologies

Abstract

The pace of technological change is accelerating, hyper competition is growing, opportunities for business model disruption are exploding, and comprehensive cloud delivery is readily available. These factors challenge every aspect of business technology strategy. The Innovator's Imperative: Rapid Technology Adoption for Digital Transformation prepares twenty-first century businesses leaders for competing and leading in this disruptive digital environment. Five years of research conducted by the authors suggests that leading companies have all but abandoned the requirements analysis and modeling best practices of the twentieth century. Accordingly, the authors put forth the innovator's imperative that contends: All companies wanting to be competitive should adopt emerging and disruptive technologies as quickly as possible, and in many cases, immediately. Technology is driving business strategy, and companies are rethinking their technology strategy, especially the governance that determines how and why technology investments are made. Based on their research the authors have developed a five-step framework for digital transformation: Model and simulate Identify high-leverage opportunities Prioritize transformational targets Identify digital opportunities Find courageous leaders The book explains each of these steps to guide business leaders in architecting digital transformation projects according to their organization's market positions, budgets, objectives, and corporate culture. Hyper-competitive, disruptive companies are jumping across technology adoption phases without regard to any phasing whatsoever. Companies focused on digital transformation often adopt emerging technologies immediately. They have become early adopters of technologies that can impact existing—and create whole new—business models and processes. This book examines this jump into new technologies, processes, and business models to prepare twenty-first century business leaders to make that leap.

Published

2017

136. Managementsysteme für Informationssicherheit (ISMS) mit DIN EN ISO/IEC 27001 betreiben und verbessern

Author

Wolfgang Böhmer, Knut Haufe, Sebastian Klipper, Thomas Lohre, Rainer Rumpel, Bernhard C. Witt, DIN e.V, Wolfgang Böhmer, Knut Haufe, Sebastian Klipper, Thomas Lohre, Rainer Rumpel, Bernhard C. Witt, and DIN e.V

Abstract

Der Band aus der Reihe Beuth Praxis unterstützt Sie bei der Weiterentwicklung und Verbesserung Ihres Informationssicherheits-Managements und bei der kontinuierlichen Verbesserung der Prozesse (Stichwort:'Check und Act'). Er erleichtert Ihnen den effektiven Betrieb eines ISMS, beantwortet Fragen, die nach der Implementierung eines ISMS aufkommen, bietet einen Überblick über das Normungsumfeld und thematisch angrenzende Literatur und hilft Ihnen bei der erfolgreichen Rezertifizierung nach DIN EN ISO 27001.'Managementsysteme für Informationssicherheit'stellt Ihnen ISMS auch anhand eines ausführlichen Fallbeispiels vor - immer unter Berücksichtigung des Zertifizierungsaspekts und basiert auf der Normenreihe DIN ISO/IEC 27000 ff.

Published

2017

137. The Human Element of Big Data : Issues, Analytics, and Performance

Author

Geetam S. Tomar, Narendra S. Chaudhari, Robin Singh Bhadoria, Ganesh Chandra Deka, Geetam S. Tomar, Narendra S. Chaudhari, Robin Singh Bhadoria, and Ganesh Chandra Deka

Subjects

Quantitative research--Social aspects, Big data, Data mining--Social aspects

Abstract

The proposed book talks about the participation of human in Big Data.How human as a component of system can help in making the decision process easier and vibrant.It studies the basic build structure for big data and also includes advanced research topics.In the field of Biological sciences, it comprises genomic and proteomic data also. The book swaps traditional data management techniques with more robust and vibrant methodologies that focus on current requirement and demand through human computer interfacing in order to cope up with present business demand. Overall, the book is divided in to five parts where each part contains 4-5 chapters on versatile domain with human side of Big Data.

Published

2017

138. Women in the Security Profession : A Practical Guide for Career Development

Author

Sandi J. Davies and Sandi J. Davies

Subjects

Women--Vocational guidance, Private security services--Vocational guidance

Abstract

Women in the Security Profession: A Practical Guide for Career Development is a resource for women considering a career in security, or for those seeking to advance to its highest levels of management. It provides a historical perspective on how women have evolved in the industry, as well as providing real-world tips and insights on how they can help shape its future. The comprehensive text helps women navigate their security careers, providing information on the educational requirements necessary to secure the wide-ranging positions in today's security field. Women in the Security Profession describes available development opportunities, offering guidance from experienced women professionals who have risen through the ranks of different security sectors. - Features career profiles and case studies, including interviews with women in the industry, providing a deeper dive inside some exciting and rewarding careers in security - Provides a history of women in security, and an exploration of both current and expected trends - Offers experienced advice on how to resolve specific biases and issues relating to gender

Published

2017

139. Cybercrime and Business : Strategies for Global Corporate Security

Author

Sanford Moskowitz and Sanford Moskowitz

Subjects

Computer networks--Security measures, Computer crimes--Prevention, Computer security

Abstract

Cybercrime and Business: Strategies for Global Corporate Security examines the three most prevalent cybercrimes afflicting today's corporate security professionals: piracy, espionage, and computer hacking. By demonstrating how each of these threats evolved separately and then converged to form an ultra-dangerous composite threat, the book discusses the impact the threats pose and how the very technologies that created the problem can help solve it. Cybercrime and Business then offers viable strategies for how different types of businesses—from large multinationals to small start-ups—can respond to these threats to both minimize their losses and gain a competitive advantage. The book concludes by identifying future technological threats and how the models presented in the book can be applied to handling them. - Demonstrates how to effectively handle corporate cyber security issues using case studies from a wide range of companies around the globe - Highlights the regulatory, economic, cultural, and demographic trends businesses encounter when facing security issues - Profiles corporate security issues in major industrialized, developing, and emerging countries throughout North America, Europe, Asia, Latin America, Africa, and the Middle East

Published

2017

140. IT-GRC-Management – Governance, Risk und Compliance : Grundlagen und Anwendungen

Author

Matthias Knoll, Susanne Strahringer, Matthias Knoll, and Susanne Strahringer

Subjects

Information technology--Management, Risk management

Abstract

IT-Governance, das vorausschauende, strukturierte strategische Planen und Steuern der IT, IT-Risikomanagement, das Beherrschen auch neuartiger IT-Risiken und IT-Compliance, das Beachten und Umsetzen relevanter Vorgaben gewinnen insbesondere im Zeitalter der digitalen Transformation zunehmend an Bedeutung. Ziel des Buches in der Reihe Edition HMD ist daher eine umfassende Beschäftigung mit den drei Disziplinen.Der Grundlagenteil des Herausgeberwerkes definiert die wichtigsten Begriffe und stellt den Zusammenhang zwischen den drei Eckpunkten des IT-GRC-Dreiecks vor. Denn obwohl Governance, Risk und Compliance getrennt betrachtet werden können, besteht zwischen ihnen eine charakteristische Verbindung. Erst im gut orchestrierten Zusammenspiel entfalten sie ihre volle Wirkung mit Blick auf die Steigerung des IT-Wertbeitrags für das Gesamtunternehmen.In den Beiträgen im zweiten Teil werden spezielle Fragestellungen im Kontext der jeweiligen Disziplinen, aber auch übergreifend diskutiert. Soweit möglich orientieren sich die Beiträge dazu an Anwendungsfällen. Die Diskussion anhand praxisorientierter Fragestellungen zeigt in besonderer Weise die Notwendigkeit für IT-GRC-Management in einem Zeitalter, in dem die IT nicht nur unterstützt, sondern Teil des Produktes oder sogar das Produkt selbst ist.

Published

2017

141. A Seat at the Table : IT Leadership in the Age of Agility

Author

Mark Schwartz and Mark Schwartz

Subjects

Information technology--Management, Leadership

Abstract

Agile, Lean, and DevOps approaches are radical game changers, providing a fundamentally different way to think about how IT fits into the enterprise, how IT leaders lead, and how IT can harness technology to accomplish the objectives of the enterprise. But honest and open conversations are not taking place between management and Agile delivery teams.In A Seat at the Table, CIO Mark Schwartz explores the role of IT leadership as it is now and opens the door to reveal IT leadership as it should be—an integral part of the value creation engine. With an easy style, Schwartz reveals that the only way to become an Agile IT leader is to be courageous—to throw off the attitude and assumptions that have kept CIOs from taking their rightful seat at the table. CIOs, step on up, your seat at the table is waiting for you.

Published

2017

142. IT-Sicherheit : Digitalisierung der Geschäftsprozesse und Informationssicherheit

Author

Andreas Gadatsch, Markus Mangiapane, Andreas Gadatsch, and Markus Mangiapane

Subjects

Computer security, Computer networks--Security measures

Abstract

Andreas Gadatsch und Markus Mangiapane erläutern zentrale Aspekte der Digitalisierung und der IT-Sicherheit, ohne die digitale Geschäftsmodelle und -prozesse nicht realisierbar sind. Die Autoren möchten den Leser für aktuelle Trends im Informationsmanagement und deren Auswirkungen auf IT-Sicherheit sensibilisieren. Wenn man von jedem Punkt der Welt aus einen Prozess nutzen kann, so kann man ihm auch jederzeit von jedem Ort aus schaden, ihn stoppen, verändern oder Daten manipulieren. IT-Sicherheit ist daher die Grundlage zur Realisierung digitaler Prozesse.

Published

2017

143. Industrie 4.0 : Safety und Security - Mit Sicherheit gut vernetzt Branchentreff der Berliner und Brandenburger Wissenschaft und Industrie

Author

Carsten Pinnow, Stephan Schäfer, DIN e.V, Carsten Pinnow, Stephan Schäfer, and DIN e.V

Abstract

Industrie 4.0 ist auch in Berliner Unternehmen kein Fremdwort mehr. Das Spektrum der automatisierten, vernetzten Datenerfassung wird ständig größer. Um den weltweiten, sicheren Datenzugriff zu gewährleisten, ist der Aufbau einer speziellen IT-Infrastruktur für die digitale Vernetzung von Prozessen und Wertschöpfungsnetzwerken notwendig. Auf der Tagung'Industrie 4.0 - Safety und Security'werden verschiedene Aspekte der Zugriffssicherheit und Verfügbarkeit vernetzter industrieller Anlagen beleuchtet, mögliche Geschäftsmodelle rund um die'smart factory'vorgestellt und anhand von Best-Practice-Beispielen Hilfen für eine erfolgreiche Umsetzung gegeben. Alle Tagungsbeiträge können in diesem Band nachgelesen werden.

Published

2017

144. Windows To Go : A Guide for Users and IT Professionals

Author

Joli Ballew and Joli Ballew

Subjects

Operating systems (Computers), Computer networks--Remote access

Abstract

Find out how to use, manage, deploy, and secure Windows To Go, the ultimate mobile edition of Windows 10, designed to boot directly from a USB stick. This book shows you how to use your Windows To Go drive to work at home and on the move and access local and network resources from anywhere. Readers responsible for deploying Windows To Go drives will also learn how to plan for, provision, deploy, and manage Windows To Go devices in the workplace in order to create an effective mobility solution for their users. A Windows To Go drive can be booted on any PC that meets the Windows 7 or later certification requirements, regardless of the operating system running on that PC.What You'll Learn:Understand how Windows To Go differs from a typical Windows installation on a desktopMeet the necessary hardware and software requirements for Windows To GoBoot your Windows To Go driveUse Windows To Go, at home and on the roadPlan and deploy Windows To Go in the workplaceSecure and protect Windows To Go drivesWho This Book Is For:End users and IT professionals

Published

2016

145. Information Security Policies, Procedures, and Standards : A Practitioner's Reference

Author

Douglas J. Landoll and Douglas J. Landoll

Subjects

Business--Data processing--Security measures, Data protection, Computer security

Abstract

Information Security Policies, Procedures, and Standards: A Practitioner's Reference gives you a blueprint on how to develop effective information security policies and procedures. It uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content. Highlighting key terminology, policy development concepts and methods, and suggested document structures, it includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.The author explains how and why procedures are developed and implemented rather than simply provide information and examples. This is an important distinction because no two organizations are exactly alike; therefore, no two sets of policies and procedures are going to be exactly alike. This approach provides the foundation and understanding you need to write effective policies, procedures, and standards clearly and concisely.Developing policies and procedures may seem to be an overwhelming task. However, by relying on the material presented in this book, adopting the policy development techniques, and examining the examples, the task will not seem so daunting. You can use the discussion material to help sell the concepts, which may be the most difficult aspect of the process. Once you have completed a policy or two, you will have the courage to take on even more tasks. Additionally, the skills you acquire will assist you in other areas of your professional and private life, such as expressing an idea clearly and concisely or creating a project plan.

Published

2016

146. Executing Windows Command Line Investigations : While Ensuring Evidentiary Integrity

Author

Chet Hosmer, Joshua Bartolomie, Rosanne Pelli, Chet Hosmer, Joshua Bartolomie, and Rosanne Pelli

Subjects

Evidence (Law), Computer crimes--Investigation, Command languages (Computer science)

Abstract

The book Executing Windows Command Line Investigations targets the needs of cyber security practitioners who focus on digital forensics and incident response. These are the individuals who are ultimately responsible for executing critical tasks such as incident response; forensic analysis and triage; damage assessments; espionage or other criminal investigations; malware analysis; and responding to human resource violations. The authors lead readers through the importance of Windows CLI, as well as optimal configuration and usage. Readers will then learn the importance of maintaining evidentiary integrity, evidence volatility, and gain appropriate insight into methodologies that limit the potential of inadvertently destroying or otherwise altering evidence. Next, readers will be given an overview on how to use the proprietary software that accompanies the book as a download from the companion website. This software, called Proactive Incident Response Command Shell (PIRCS), developed by Harris Corporation provides an interface similar to that of a Windows CLI that automates evidentiary chain of custody and reduces human error and documentation gaps during incident response. - Includes a free download of the Proactive Incident Response Command Shell (PIRCS) software - Learn about the technical details of Windows CLI so you can directly manage every aspect of incident response evidence acquisition and triage, while maintaining evidentiary integrity

Published

2016

147. Enterprise Risk Management : A Common Framework for the Entire Organization

Author

Philip E. J. Green and Philip E. J. Green

Subjects

Risk management

Abstract

Enterprise Risk Management: A Common Framework for the Entire Organization discusses the many types of risks all businesses face. It reviews various categories of risk, including financial, cyber, health, safety and environmental, brand, supply chain, political, and strategic risks and many others. It provides a common framework and terminology for managing these risks to build an effective enterprise risk management system. This enables companies to prevent major risk events, detect them when they happen, and to respond quickly, appropriately, and resiliently. The book solves the problem of differing strategies, techniques, and terminology within an organization and between different risk specialties by presenting the core principles common to managing all types of risks, while also showing how these principles apply to physical, financial, brand, and global strategy risks. Enterprise Risk Management is ideal for executives and managers across the entire organization, providing the comprehensive understanding they need, in everyday language, to successfully navigate, manage, and mitigate the complex risks they face in today's global market. - Provides a framework on which to build an enterprise-wide system to manage risk and potential losses in business settings - Solves the problem of differing strategies, techniques, and terminology within an organization by presenting the core principles common to managing all types of risks - Offers principles which apply to physical, financial, brand, and global strategy risks - Presents useful, building block information in everyday language for both managers and risk practitioners across the entire organization

Published

2016

148. IT-Management im Zeitalter der Digitalisierung : Auf dem Weg zur IT-Organisation der Zukunft

Author

Nils Urbach, Frederik Ahlemann, Nils Urbach, and Frederik Ahlemann

Subjects

Information technology--Management

Abstract

Dieses Buch thematisiert den drastischen Wandel, den die Geschäftswelt derzeit unter dem Stichwort Digitalisierung erlebt. Technologische Innovationen üben einen signifikanten Einfluss auf Prozesse, Produkte, Dienstleistungen und Geschäftsmodelle aus. Die resultierende Digitale Transformation hat disruptive Konsequenzen für viele Unternehmen und Branchen. Bislang haben sich viele IT-Organisationen darauf konzentriert, die Anforderungen der Fachbereiche möglichst effektiv und effizient in qualitativ hochwertige IT-Services zu übersetzen und diese zu betreiben. Nun sind sie in zunehmenden Maße gefordert, das Gesamtunternehmen aktiv mitzugestalten. Informationstechnologie realisiert Innovationen für das Business, und die IT-Organisation muss proaktiv und frühzeitig mit den Fachbereichen kooperieren, um solche Innovationen auf den Weg zu bringen. Dieses Buch zeigt, welche Implikationen die Digitalisierung für heutige IT-Organisationen mit ihren Strukturen, Prozessen und Menschen hat. Damitwendet es sich an IT-Führungskräfte, Manager, in deren Verantwortungsbereich die IT liegt, sowie praktisch interessierte Akademiker. Das Buch hilft, auf die Digitale Transformation nicht nur zu reagieren, sondern eine proaktive Rolle einzunehmen.

Published

2016

149. Insider Threat : Prevention, Detection, Mitigation, and Deterrence

Author

Michael G. Gelles and Michael G. Gelles

Subjects

Business enterprises--Security measures, Employee crimes--Prevention, Risk assessment

Abstract

Insider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft from current or former employees. This book outlines a step-by-step path for developing an insider threat program within any organization, focusing on management and employee engagement, as well as ethical, legal, and privacy concerns. In addition, it includes tactics on how to collect, correlate, and visualize potential risk indicators into a seamless system for protecting an organization's critical assets from malicious, complacent, and ignorant insiders. Insider Threat presents robust mitigation strategies that will interrupt the forward motion of a potential insider who intends to do harm to a company or its employees, as well as an understanding of supply chain risk and cyber security, as they relate to insider threat. - Offers an ideal resource for executives and managers who want the latest information available on protecting their organization's assets from this growing threat - Shows how departments across an entire organization can bring disparate, but related, information together to promote the early identification of insider threats - Provides an in-depth explanation of mitigating supply chain risk - Outlines progressive approaches to cyber security

Published

2016

150. Securing an IT Organization Through Governance, Risk Management, and Audit

Author

Ken E. Sigler, James L. Rainey III, Ken E. Sigler, and James L. Rainey III

Subjects

Information technology--Management

Abstract

This book introduces two internationally recognized bodies of knowledge: COBIT 5 from a cybersecurity perspective and the NIST Framework for Improving Critical Infrastructure Cybersecurity (CSF). Emphasizing the processes directly related to governance, risk management, and audit, the book maps the CSF steps and activities to the methods defined in COBIT 5, extending the CSF objectives with practical and measurable activities that leverage operational risk understanding in a business context. This allows the ICT organization to convert high-level enterprise goals into manageable, specific goals rather than unintegrated checklist models.

Published

2016