Managing the Human Factor in Information Security- How to win over staff and influence businessmanagers
AUTHOR | Lacey, David |
PUBLISHER | Wiley (02/24/2009) |
PRODUCT TYPE | Paperback (Paperback) |
"Computers do not commit crimes. People do."
The biggest threat to information security is the "human factor", the influence of people. Even the best people will make mistakes, cause breaches and create security weaknesses that enable criminals to steal, corrupt or manipulate systems and data. The explosion in social networking and mobile computing is intensifying this problem.
For the first time, this book brings together theories and methods which will help you to change and harness people's security behaviour. It will help you to:
- Understand and manage major crises and risk
- Appreciate the nature of the insider threat
- Navigate organization culture and politics
- Build better awareness programmes
- Transform user attitudes and behaviour
- Gain Executive Board buy-in
- Design management systems that really work
- Harness the power of your organization
Based on the author's own personal experience of working with large, complex organizations, such as Shell and Royal Mail, this book is written by an information security insider and makes essential reading for all information security professionals.
"We live in an age where social networks, collaborative working and community development are global and commonplace, redefining the role of information security. David takes a dry-as-dust elephant of a subject and expertly serves it up in edible, even tasty, morsels."
JP Rangaswami, Managing Director of BT Design
"A highly entertaining read that will undoubtedly become essential reading for all security professionals."
Professor Fred Piper
"I'm really interested in reading this book and, frankly, once it's published, I'll be one of the first to buy it."
Dr. Eugene Schultz, High Tower Software
"Computers do not commit crimes. People do."
The biggest threat to information security is the "human factor", the influence of people. Even the best people will make mistakes, cause breaches and create security weaknesses that enable criminals to steal, corrupt or manipulate systems and data. The explosion in social networking and mobile computing is intensifying this problem.
For the first time, this book brings together theories and methods which will help you to change and harness people's security behaviour. It will help you to:
- Understand and manage major crises and risk
- Appreciate the nature of the insider threat
- Navigate organization culture and politics
- Build better awareness programmes
- Transform user attitudes and behaviour
- Gain Executive Board buy-in
- Design management systems that really work
- Harness the power of your organization
Based on the author's own personal experience of working with large, complex organizations, such as Shell and Royal Mail, this book is written by an information security insider and makes essential reading for all information security professionals.
"We live in an age where social networks, collaborative working and community development are global and commonplace, redefining the role of information security. David takes a dry-as-dust elephant of a subject and expertly serves it up in edible, even tasty, morsels."
JP Rangaswami, Managing Director of BT Design
"A highly entertaining read that will undoubtedly become essential reading for all security professionals."
Professor Fred Piper
"I'm really interested in reading this book and, frankly, once it's published, I'll be one of the first to buy it."
Dr. Eugene Schultz, High Tower Software