Independent competence platform
for integrated security in Switzerland.

Digital Age - How to approach Cyber Security

A risk-based approach to information security considering the human factor

This is the new edition of “Information and IT Risk Management in a Nutshell”, published in 2008. The general content was reworked and supplemented with two additional components: first, a focus on the impact of digitalization; second, the underestimated role of humans in contributing to cyber risks.

Information and news about cybersecurity and security breaches can be overwhelming these days.

This book is intended to support you in reflecting on your current approach to protecting information, or to guide you in setting up information security and risk management seriously without focusing on technical solutions in the first place.

This book is written for all decision makers and all IT employees supporting operations and projects, to give them an understanding of the importance of information security and risk management without having to deal with technical details. Security subject matter experts benefit from the organizational aspects, which are not addressed in most technical papers.

What are the drivers for this second edition?

It was not the technological development. It was the fact that although technology is improving, the protection of information seems to be decreasing.

What is the issue?

On the one hand, digitalization; on the other hand, human beings who are unable to cope correctly with the increasing permeation of technology. If not considered, these are the main risks for failing in cybersecurity and information risk management.

The book has a foreword by Dr. Hannes P. Lubich, Professor of ICT System and Service Management, Fachhochschule Nordwestschweiz, and one by Sebastian Schreiber, CEO of SySS GmbH.

It is structured in five sections:

SECTION 1: THE HUMAN FACTOR

SECTION 2: RISK MANAGEMENT ESSENTIALS

SECTION 3: THE SIMPLIFIED APPROACH

SECTION 4: TEMPLATES

SECTION 5: IT AND INFORMATION RISK MANAGEMENT LEXICON

and delivers:

•    Physiological aspects of Cyber- and Information Security.
•    An introduction to information and IT risk management.
•    Arguments for practicing continuous information and IT risk management.
•    Arguments to gain management support for information and IT risk management.
•    A pragmatic framework and implementation processes for information and IT risk management.
•    Possible pitfalls when implementing information and IT risk management.
•    Templates.
•    Golden Rules for information and IT risk management (suggested best practices).
•    An approach that is independent from the latest technology or threat developments.

Source: Amazon
Author: Andreas von Grebmer
Publisher: Books on Demand
Year of publication: 2017
ISBN: 978-3744871464
