"The charge of securing corporate America falls upon its businessleaders. This book, offered by Ernst & Young and written byMark Doll, Sajay Rai, and Jose Granado, is not only timely, butcomprehensive in outlook and broad in scope. It addresses many ofthe critical security issues facing corporate America today andshould be read by responsible senior management." --Former Mayor ofNew York, Rudolph W. Giuliani
"To achieve the highest possible level of digital security, everymember of an organization's management must realize that digitalsecurity is 'baked in,' not 'painted on.'" --from Defending theDigital Frontier: A Security Agenda
Like it or not, every company finds itself a pioneer in the digitalfrontier. And like all frontiers, this one involves exploration,potentially high returns . . . and high risks.
Consider this: According to Computer Economics, the worldwideeconomic impact of such recent attacks as Nimda, Code Red(s), andSircam worms totaled $4.4 billion. The "Love Bug" virus in 2000inflicted an estimated $8.75 billion in damage worldwide. Thecombined impact of the Melissa and Explorer attacks was $2.12billion. Companies were hurt as much in terms of image and publicconfidence as they were financially. Protecting the "digitalfrontier" is perhaps the greatest challenge facing businessorganizations in this millennium. It is no longer a function of ITtechnologists; it is a risk management operation requiringsponsorship by management at the highest levels.
Written by leading experts at Ernst & Young, Defending theDigital Frontier: A Security Agenda deconstructs digital securityfor executive management and outlines a clear plan for creatingworld-class digital security to protect your organization's assetsand people. Achieving and defending security at the DigitalFrontier requires more than just informed decision-making at thetop level. It requires a willingness to change your organization'smindset regarding security. Step by step, Defending the DigitalFrontier shows you how to accomplish that.
With detailed examples and real-world scenarios, the authorsexplain how to build-in the six characteristics that a world-classdigital security system must possess. You must make yoursystem:
* Aligned with the organization's overall objectives.
* Enterprise-wide, taking a holistic view of security needs for theentire, extended organization.
* Continuous, maintaining constant, real-time monitoring andupdating of policies, procedures, and processes.
* Proactive to effectively anticipate potential threats.
* Validated to confirm that appropriate risk management andmitigation measures are in place.
* Formal, so that policies, standards, and guidelines arecommunicated to every member of the organization.
An intrusion is bound to occur to even the most strongly defendedsystems. Will your organization be prepared to react, or lapse intochaos? Defending the Digital Frontier introduces the Restrict, Run,and Recover(r) model that guides organizations in formulating andimplementing a clear, enterprise-wide, Agenda for Action toanticipate, detect, and react effectively to intrusions. You willlearn how to roll out an effective Security Awareness and TrainingProgram, establish Incident Response procedures, and set in placeDigital Security Teams to control damage and manage risk in evenworst-case scenarios. The digital threat knows no borders andhonors no limits. But for the prepared organization, tremendousrewards await out on the digital frontier. By strengtheningcollective digital security knowledge from the top down anddeveloping a rock-solid, comprehensive, on-going security agenda,every organization can build a secure future. Defending the DigitalFrontier will get you there.
Autorentext
ERNST & YOUNG is one of the nation's leading professional services firms, providing tax, assurance, and advisory business services to thousands of individuals as well as domestic and global businesses.
MARK W. DOLL is a Partner and the Americas Director of Ernst & Young's Security Services. As the Americas Director, Mark is responsible overall for security projects, including security assessments, architecture design, and security implementation as well as business continuity. Mr. Doll is a sought-after speaker on the topic of digital security, and has recently appeared before the House Energy and Commerce Subcommittee on Commerce, Trade, and Consumer Protection as an expert witness on the subject.
SAJAY RAI is a Partner in Ernst & Young's Security Services. He is a Certified Information Systems Security Professional (CISSP) and is a frequent speaker on the topics of security and business continuity. He serves on the advisory board of several organizations.
JOSE GRANADO is a Partner in Ernst & Young's Security Services, and Director of the Advanced Security Center focused on attack and penetration services. He is a Certified Information Systems Security Professional (CISSP).
Zusammenfassung
"The charge of securing corporate America falls upon its business leaders. This book, offered by Ernst & Young and written by Mark Doll, Sajay Rai, and Jose Granado, is not only timely, but comprehensive in outlook and broad in scope. It addresses many of the critical security issues facing corporate America today and should be read by responsible senior management." --Former Mayor of New York, Rudolph W. Giuliani
"To achieve the highest possible level of digital security, every member of an organization's management must realize that digital security is 'baked in,' not 'painted on.'" --from Defending the Digital Frontier: A Security Agenda
Like it or not, every company finds itself a pioneer in the digital frontier. And like all frontiers, this one involves exploration, potentially high returns . . . and high risks.
Consider this: According to Computer Economics, the worldwide economic impact of such recent attacks as Nimda, Code Red(s), and Sircam worms totaled $4.4 billion. The "Love Bug" virus in 2000 inflicted an estimated $8.75 billion in damage worldwide. The combined impact of the Melissa and Explorer attacks was $2.12 billion. Companies were hurt as much in terms of image and public confidence as they were financially. Protecting the "digital frontier" is perhaps the greatest challenge facing business organizations in this millennium. It is no longer a function of IT technologists; it is a risk management operation requiring sponsorship by management at the highest levels.
Written by leading experts at Ernst & Young, Defending the Digital Frontier: A Security Agenda deconstructs digital security for executive management and outlines a clear plan for creating world-class digital security to protect your organization's assets and people. Achieving and defending security at the Digital Frontier requires more than just informed decision-making at the top level. It requires a willingness to change your organization's mindset regarding security. Step by step, Defending the Digital Frontier shows you how to accomplish that.
With detailed examples and real-world scenarios, the authors explain how to build-in the six characteristics that a world-class digital security system must possess. You must make your system:
* Aligned with the organization's overall objectives.
* Enterprise-wide, taking a holistic view of security needs for the entire, extended organization.
* Continuous, maintaining constant, real-time monitoring and updating of policies, procedures, and processes.
* Proactive to effectively anticipate potential threats.
* Validated to confirm that appropriate risk management and mitigation measures are in place.
* Formal, so that policies, standards, and guidelines are communicated to every member of the organization.