A Business Guide to Information Security How to Protect Your Company’s IT Assets, Reduce Risks and Understand the Law
by Alan Calder
In the information economy, data has huge value to individuals, businesses and villains alike. All organizations are threatened and vulnerable. A Business Guide to Information Security explains to directors and managers the vital issues from adware, hackers and phishing to spyware, viruses and zombies-facing organizations of every type and size, and helps them to take control of a subject that is critical to their survival. Full of clear, practical and straightforward advice, The Author helps readers ensure that :
- IT security is business-driven
- Information security is cost-effective
- Business data risks are managed
- Legal and regulatory compliance is assured
Alan Calder, founder director of IT Governance Ltd, led one of the first organizations to achieve BS7799. His 30-year international management carrer, at CEO and director level in both the private and public sectors, has increasingly focused on the challange of making information security as simple and as natural as household security. He is the author of IT Governance and Corporate Governance (both published by Kogan Page).
1. Threats and Compliance
2. Threats
3. Compliance, Regulatory and Legal Issues
4. Information Security
5. Benefits of Taking Action
6. Simply Essential
7. Overview
8. Risks and Controls
9. Risk Assessment, Impact and Risk Management
10. The SOHO Internet Highway Code
11. The 10 Rules of the SOHO Internet Highway Code
12. Implementation Guidance
13. The Infosec Basics for Business
14. Introduction
15. The 14 Infosec Basics for Business
16. Implementation Guidance
17. Essentials for Smaller Organizations
18. Characteristics
19. Implementation Issues
20. Smaller Not-for-profit Organizations
21. Essentials for Larger Organizations
22. Threats, Vulnerabilities and Impacts
23. Characteristics
24. Implementation Issues
25. UK Public Sector Organizations
26. Essentials for Wireless Networking
27. Wireless Networking
28. Wireless Technology
29. Risks
30. Recommended Actions
31. Teleworking
32. Essentials for E-commerce
33. Threats and Vulnerabilities
34. Information Publication
35. Transactional Security
36. Website Security
37. Legal and Regulatory Essentials
38. Introduction
39. Data Protection Act 1998
40. Privacy and Electronic Communications Regulations 2003
41. Freedom of Information Act 2000
42. Computer Misuse Act 1990
43. Copyright, Designs and Patents Act 1988
44. Electronic Communications Act 2000
45. Human Rights Act 1998
46. Regulation of Investigatory Powers Act 2000
47. Intellectual Property Rights
48. The abc Glossary of Information Security and Related Terms