
Catherine Paquet - The Business Case for Network Security: Advocacy, Governance, and ROI

Year: 2004, publisher: Cisco Press, genre: Computer.


Catherine Paquet The Business Case for Network Security: Advocacy, Governance, and ROI
  • Book:
    The Business Case for Network Security: Advocacy, Governance, and ROI
  • Author:
    Catherine Paquet
  • Publisher:
    Cisco Press
  • Genre:
    Computer
  • Year:
    2004
  • Rating:
    5 / 5

The Business Case for Network Security: Advocacy, Governance, and ROI: summary, description and annotation


Understand the total cost of ownership and return on investment for network security solutions

  • Understand what motivates hackers and how to classify threats
  • Learn how to recognize common vulnerabilities and common types of attacks
  • Examine modern day security systems, devices, and mitigation techniques
  • Integrate policies and personnel with security equipment to effectively lessen security risks
  • Analyze the greater implications of security breaches facing corporations and executives today
  • Understand the governance aspects of network security to help implement a climate of change throughout your organization
  • Learn how to qualify your organization's aversion to risk
  • Quantify the hard costs of attacks versus the cost of security technology investment to determine ROI
  • Learn the essential elements of security policy development and how to continually assess security needs and vulnerabilities

The Business Case for Network Security: Advocacy, Governance, and ROI addresses the needs of networking professionals and business executives who seek to assess their organization's risks and objectively quantify both costs and cost savings related to network security technology investments. This book covers the latest topics in network attacks and security. It includes a detailed security-minded examination of return on investment (ROI) and associated financial methodologies that yield both objective and subjective data. The book also introduces and explores the concept of return on prevention (ROP) and discusses the greater implications currently facing corporations, including governance and the fundamental importance of security, for senior executives and the board.

Making technical issues accessible, this book presents an overview of security technologies that uses a holistic and objective model to quantify issues such as ROI, total cost of ownership (TCO), and risk tolerance. This book explores capital expenditures and fixed and variable costs, such as maintenance and upgrades, to determine a realistic TCO figure, which in turn is used as the foundation in calculating ROI. The importance of security policies addressing such issues as Internet usage, remote-access usage, and incident reporting is also discussed, acknowledging that the most comprehensive security equipment will not protect an organization if it is poorly configured, implemented, or used. Quick reference sheets and worksheets, included in the appendixes, provide technology reviews and allow financial modeling exercises to be performed easily.

An essential IT security-investing tool written from a business management perspective, The Business Case for Network Security: Advocacy, Governance, and ROI helps you determine the effective ROP for your business.

This volume is in the Network Business Series offered by Cisco Press. Books in this series provide IT executives, decision makers, and networking professionals with pertinent information about today's most important technologies and business strategies.

Appendix A. References

This appendix lists books, websites, and other resources that are referred to throughout this book, along with resources that were used during the research process.

NOTE

The website references in this book were accurate upon publication; however, they might have since changed. If the website is unavailable, you might want to conduct a search using a powerful search engine such as Google (http://www.google.com) and entering the document title as key words.
