Supplying a high-level overview of how to protect your company’s physical and intangible assets, Asset Protection through Security Awareness explains the best ways to enlist the assistance of your employees as the first line of defense in safeguarding company assets and mitigating security risks. The author reviews key topics surrounding computer security—including privacy, access controls, and risk management—to help fill the gaps that might exist between management and the technicians securing your network systems.
In an accessible style that requires no previous networking or programming experience, the book delivers a practical approach to asset protection. It specifies the roles of managers and employees in creating a company-wide culture of security awareness and provides step-by-step instruction on how to build an effective security awareness team. Each chapter examines a separate security issue and provides a brief overview of how to address that issue. It includes tools and checklists to help you address:
This concise security management primer facilitates the up-to-date understanding required to protect your digital and physical assets, including customer data, networking equipment, and employee information. Providing you with powerful tools of diplomacy, this text will help you win the support of your employees and empower them to be effective gatekeepers of your company’s most valued assets and trade secrets.
Introduction: What Is Information Security?
Creating a Culture of Security Awareness
Overview of Security Awareness Categories
Who Is an IS Professional?
Incident Detection and Response
Business Continuity Planning
User Authentication Methods
Public Key Infrastructure
Web of Trust
Computer and Network Forensics
Crafting a Security Policy
Planning Versus Reactionary Response (Or—Why It’s Important to Have a Security Plan)
Don’t Wait to Plan
Standards, Policies, Procedures, and Controls
Accessibility, Supportability, and Clarity
Assessing the Organization’s Network Infrastructure
Security Policy Structure Outline
Distribution of the Policy
Performing Security Analyses and Audits
Tyler Speed is the Executive Vice President of Electronics International in Bend, Oregon and has a Masters Degree in Information Assurance from the NSA-certified Norwich University in Northfield, Vermont. As a corporate leader in aviation, not only does Tyler deal with governmental regulations and compliance issues from the FAA, but he must also temper customer service and sales needs with a solid foundation in security and training in order to protect sales records, customer information, trade secrets and proprietary information. Tyler has been tinkering with computers and networks since the days of Bulletin Board Services, and understands the need for a common sense approach to corporate security awareness and training. At the time of this publication, Tyler is studying to obtain his Certified Information Systems Seucrity Professional (CISSP) certification.