{"product_id":"securing-e-business-systems-a-guide-for-managers-and-executives-isbn-9781119090939","title":"Securing E-Business Systems: A Guide for Managers and Executives","description":"\u003cp\u003e\"This is a must-read for the entire CXO community if businesses are to survive in cyberspace. Attack methodologies and the cyber threat poised against our business systems are advancing rapidly. Business leaders are soon to face downstream liability issues for the damage their unprotected and exploited systems cause not only to themselves but to all of those with whom they do business in cyberspace. American businesses are now the target of choice by our nation's enemies. We may secure the airways, ports, and borders, but only the boardrooms of America can ensure the survival of our economy.\" \u003cbr\u003e—John R. Thomas, Colonel, U.S. Army, Retired Former Commander of the DoD, Global Operations and Security Center  \u003c\/p\u003e\u003cp\u003eToday's e-business depends on the security of its networks and information technology infrastructure to safeguard its customers and its profits. But with rapid innovation and the emergence of new threats and new countermeasures, keeping up with security is becoming more complex than ever. \u003ci\u003eSecuring E-Business Systems\u003c\/i\u003e offers a new model for developing a proactive program of security administration that works as a continuous process of identifying weaknesses and implementing solutions. This book offers a real, working design for managing an IT security program with the attention it truly warrants, treating security as a constant function that adapts tomeet a company's changing security needs.  \u003c\/p\u003e\u003cp\u003eTopics include:  \u003c\/p\u003e\u003cul\u003e \u003cli\u003eSecurity weaknesses\u003c\/li\u003e \u003cli\u003eSafeguarding technologies\u003c\/li\u003e \u003cli\u003eCountermeasure best practices\u003c\/li\u003e \u003cli\u003eEstablishing an adaptable e-business security management program\u003c\/li\u003e \u003cli\u003eEssential elements of a corporate security management program\u003c\/li\u003e \u003cli\u003eFunctions, structure, staffing, and contracting considerations in security management\u003c\/li\u003e \u003cli\u003eImplementing intrusion detection technology\u003c\/li\u003e \u003cli\u003eDesigning tomorrow's e-business application for secured operations\u003c\/li\u003e \u003cli\u003eContemporary rationales for justifying increased spending on security programs\u003c\/li\u003e \u003cli\u003eEmerging liability issues for e-businesses\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003ePreface xiii\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Electronic Business Systems Security 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 1\u003c\/p\u003e \u003cp\u003eHow Is E-Business Security Defined? 2\u003c\/p\u003e \u003cp\u003eCan E-Business Security Be Explained More Simply? 3\u003c\/p\u003e \u003cp\u003eIs E-Business Security Really Such a Big Deal? 3\u003c\/p\u003e \u003cp\u003eIs E-Business Security More Important Than Other Information Technology Initiatives? 4\u003c\/p\u003e \u003cp\u003eHow Does an Organization Get Started? 5\u003c\/p\u003e \u003cp\u003eInstead of Playing “Catch-Up,” What Should an Organization Be Doing to Design E-Business Systems That Are Secure in the First Place? 7\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 E-Business Systems and Infrastructure Support Issues 8\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 8\u003c\/p\u003e \u003cp\u003eE-Business Defined 9\u003c\/p\u003e \u003cp\u003eA Short History of E-Business Innovations 9\u003c\/p\u003e \u003cp\u003eThe Need for Secure E-Business Systems 14\u003c\/p\u003e \u003cp\u003eSoftware: The Vulnerable Underbelly of Computing 17\u003c\/p\u003e \u003cp\u003eThe Interoperability Challenge and E-Business Success 20\u003c\/p\u003e \u003cp\u003eE-Business Security: An Exercise in Trade-Offs 23\u003c\/p\u003e \u003cp\u003eFew Systems Are Designed to Be Secure 25\u003c\/p\u003e \u003cp\u003eConclusion 26\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Security Weaknesses in E-Business Infrastructure and “Best Practices” Security 27\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 27\u003c\/p\u003e \u003cp\u003eFundamental Technical Security Threats 28\u003c\/p\u003e \u003cp\u003eThe Guiding Principles of Protection 38\u003c\/p\u003e \u003cp\u003e“Best Practice” Prevention, Detection, and Countermeasures and Recovery Techniques 47\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Managing E-Business Systems and Security 58\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 58\u003c\/p\u003e \u003cp\u003ePart One: Misconceptions and Questionable Assumptions 60\u003c\/p\u003e \u003cp\u003ePart Two: Managing E-Business Systems as a Corporate Asset 69\u003c\/p\u003e \u003cp\u003ePart Three: E-Business Security Program Management 97\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 A “Just-in-Time” Strategy for Securing the E-Business System: The Role for Security Monitoring and Incident Response 129\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Current State of E-Business Security 130\u003c\/p\u003e \u003cp\u003eStandard Requirements of an E-Business Security Strategy 132\u003c\/p\u003e \u003cp\u003eA New Security Strategy 133\u003c\/p\u003e \u003cp\u003eThe Crucial Role of Security Monitoring and Incident Response to the Securing of E-Business Systems 134\u003c\/p\u003e \u003cp\u003eThe Current State of Intrusion Detection Systems (IDS) 134\u003c\/p\u003e \u003cp\u003eDefining a Cost-Effective Security Monitoring and Incident Response Capability 137\u003c\/p\u003e \u003cp\u003eAlternatives to Building “Your Own” Security Monitoring and Incident Response Capability 138\u003c\/p\u003e \u003cp\u003eSummary 139\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Designing and Delivering Secured E-Business Application Systems 140\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 140\u003c\/p\u003e \u003cp\u003ePast Development Realities 145\u003c\/p\u003e \u003cp\u003eContemporary Development Realities 148\u003c\/p\u003e \u003cp\u003eDeveloping Secured E-Business Systems 150\u003c\/p\u003e \u003cp\u003eUsing the SDR Framework 153\u003c\/p\u003e \u003cp\u003eChoosing a Systems Development Methodology That Is Compatible with the SDR Framework 154\u003c\/p\u003e \u003cp\u003eParticipants in the Identification of Security and Integrity Controls 154\u003c\/p\u003e \u003cp\u003eImportance of Automated Tools 162\u003c\/p\u003e \u003cp\u003eA Cautionary Word About New Technologies 165\u003c\/p\u003e \u003cp\u003eSummary and Conclusions 165\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Justifying E-Business Security and the Security Management Program 167\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 167\u003c\/p\u003e \u003cp\u003eThe “Quantifiable” Argument 169\u003c\/p\u003e \u003cp\u003eEmerging “Nonquantifiable” Arguments 170\u003c\/p\u003e \u003cp\u003eBenefits Justifications Must Cover Security Program Administration 175\u003c\/p\u003e \u003cp\u003eConclusion 177\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Computers, Software, Security, and Issues of Liability 178\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEvolving Theories of Responsibility 178\u003c\/p\u003e \u003cp\u003eLikely Scenarios 179\u003c\/p\u003e \u003cp\u003eHow Might a Liability Case Unfold? 180\u003c\/p\u003e \u003cp\u003eQuestions to Be Asked to Ensure That Reasonable Care Has Been Taken in Developing a Secure E-Business System 182\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 The National Critical Infrastructure Protection (CIP) Initiative 187\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Problem of Dependency 187\u003c\/p\u003e \u003cp\u003eCritical Infrastructure Protection (CIP) Purpose, Directives, Organizations, and Relationships 188\u003c\/p\u003e \u003cp\u003eFrequently Asked Questions About the IT-ISAC 190\u003c\/p\u003e \u003cp\u003eCritical Information Infrastructure Protection Issues that Need Resolution 192\u003c\/p\u003e \u003cp\u003eAppendix A: Y2K Lessons Learned and Their Importance for E-Business Security 194\u003c\/p\u003e \u003cp\u003eAppendix B: Systems Development Review Framework for E-Business Development Projects 208\u003c\/p\u003e \u003cp\u003eAppendix C: A Corporate Plan of Action for Securing E-Business Systems (Sample) 229\u003c\/p\u003e \u003cp\u003eAppendix D: E-Business Risk Management Review Model Instructions for Use 251\u003c\/p\u003e \u003cp\u003eAppendix E: Resources Guide 262\u003c\/p\u003e \u003cp\u003eIndex 267\u003c\/p\u003e \u003cp\u003e \u003c\/p\u003e  \u003cp\u003e\u003cstrong\u003eTIMOTHY BRAITHWAITE\u003c\/strong\u003e has spent more than fifteen years in senior security management positions and another twenty years in executive director positions for computer and communications services organizations in both the public and private sectors. He has also worked as a private consultant. Tim has previously published The Power of IT: Maximizing Your Technology Investments and Evaluating the Year 2000 Project: A Management Guide for Determining Reasonable Care.    \u003c\/p\u003e\u003cp\u003e\"This is a must-read for the entire CXO community if businesses are to survive in cyberspace. Attack methodologies and the cyber threat poised against our business systems are advancing rapidly. Business leaders are soon to face downstream liability issues for the damage their unprotected and exploited systems cause not only to themselves but to all of those with whom they do business in cyberspace. American businesses are now the target of choice by our nation's enemies. We may secure the airways, ports, and borders, but only the boardrooms of America can ensure the survival of our economy.\" \u003cbr\u003e—John R. Thomas, Colonel, U.S. Army, Retired Former Commander of the DoD, Global Operations and Security Center  \u003c\/p\u003e\u003cp\u003eToday's e-business depends on the security of its networks and information technology infrastructure to safeguard its customers and its profits. But with rapid innovation and the emergence of new threats and new countermeasures, keeping up with security is becoming more complex than ever. \u003ci\u003eSecuring E-Business Systems\u003c\/i\u003e offers a new model for developing a proactive program of security administration that works as a continuous process of identifying weaknesses and implementing solutions. This book offers a real, working design for managing an IT security program with the attention it truly warrants, treating security as a constant function that adapts tomeet a company's changing security needs.  \u003c\/p\u003e\u003cp\u003eTopics include:  \u003c\/p\u003e\u003cul\u003e \u003cli\u003eSecurity weaknesses\u003c\/li\u003e \u003cli\u003eSafeguarding technologies\u003c\/li\u003e \u003cli\u003eCountermeasure best practices\u003c\/li\u003e \u003cli\u003eEstablishing an adaptable e-business security management program\u003c\/li\u003e \u003cli\u003eEssential elements of a corporate security management program\u003c\/li\u003e \u003cli\u003eFunctions, structure, staffing, and contracting considerations in security management\u003c\/li\u003e \u003cli\u003eImplementing intrusion detection technology\u003c\/li\u003e \u003cli\u003eDesigning tomorrow's e-business application for secured operations\u003c\/li\u003e \u003cli\u003eContemporary rationales for justifying increased spending on security programs\u003c\/li\u003e \u003cli\u003eEmerging liability issues for e-businesses\u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989997928677,"sku":"NP9781119090939","price":45.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119090939.jpg?v=1761786157","url":"https:\/\/k12savings.com\/es\/products\/securing-e-business-systems-a-guide-for-managers-and-executives-isbn-9781119090939","provider":"K12savings","version":"1.0","type":"link"}