Enterprise information security and privacy:
Format: | Book |
---|---|
Language: | English |
Published: |
Boston [et al.]
Artech House
2009
|
Series: | Artech House information security and privacy series
|
Subjects: | |
Online access: | Table of contents |
Description: | Includes bibliographical references |
Description: | XXIV, 231 pp., graphical illustrations |
Internal format
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV035392884 | ||
003 | DE-604 | ||
005 | 20090514 | ||
007 | t | ||
008 | 090325s2009 d||| |||| 00||| eng d | ||
020 | |z 1596931906 |9 1-59693-190-6 | ||
020 | |z 9781596931909 |9 978-1-59693-190-9 | ||
035 | |a (OCoLC)299942244 | ||
035 | |a (DE-599)BVBBV035392884 | ||
040 | |a DE-604 |b ger |e rakwb | ||
041 | 0 | |a eng | |
049 | |a DE-355 | ||
050 | 0 | |a HF5548.37 | |
082 | 0 | |a 658.478 |2 22 | |
084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
245 | 1 | 0 | |a Enterprise information security and privacy |c C. Warren Axelrod ... eds. |
264 | 1 | |a Boston [u.a.] |b Artech House |c 2009 | |
300 | |a XXIV, 231 S. |b graph. Darst. | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
490 | 0 | |a Artech House information security and privacy series | |
500 | |a Literaturangaben | ||
650 | 4 | |a Unternehmen | |
650 | 4 | |a Business enterprises |x Computer networks |x Security measures | |
650 | 4 | |a Computer security | |
650 | 4 | |a Data protection | |
650 | 4 | |a Information technology |x Security measures | |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Betriebliches Informationssystem |0 (DE-588)4069386-7 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Betriebliches Informationssystem |0 (DE-588)4069386-7 |D s |
689 | 0 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | |C b |5 DE-604 | |
700 | 1 | |a Axelrod, C. Warren |e Sonstige |4 oth | |
856 | 4 | 2 | |m Digitalisierung UB Regensburg |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017313641&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-017313641 |
Record in the search index
_version_ | 1804138816503545856 |
---|---|
adam_text | Contents
Foreword xiii
Preface xix
Acknowledgments xxiii
Part I: Trends 1
1 Privacy Roles and Responsibilities 3
1.1 Background 4
1.2 Observations 8
1.3 Recommendations 12
1.3.1 Roles and Responsibilities of Information Security 14
1.3.2 The Impact of Outsourcing: Privacy, Security, and Enforcing Controls 16
1.3.3 Privacy and New Roles for Information Security 16
1.4 Future Trends 18
2 Data Protection 21
2.1 Background 21
2.2 Observations 24
2.3 Recommendations 27
2.3.1 Formalize a Trust Model 28
2.3.2 Utilize an Integrated and Holistic Approach to Security and Governance 30
2.3.3 Implement a Risk-Based Systemic Security Architecture 32
2.3.4 Support an Adaptive Security Approach to Security 36
2.3.5 Build Systems, Applications, Networks, Protocols, and Others Using Accepted Standards 37
2.4 Future Trends 40
3 IT Operational Pressures on Information Security 41
3.1 Background 41
3.1.1 IT Operations and IT Service Development Impede Information Security Goals 42
3.1.2 Information Security Impedes IT Operations and IT Service Development Goals 43
3.1.3 Information Security Using a Technology-Centric, Bottom-Up Risk Model 44
3.2 Observations 45
3.3 Recommendations 48
3.3.1 Stabilize the Patient and Get Plugged into Production 51
3.3.2 Find Business Risks, Identify Controls, and Fix Fragile Artifacts 53
3.3.3 Implement Development and Release Controls 55
3.3.4 Continually Improve 56
3.4 Future Trends 57
4 Information Classification 59
4.1 Background 60
4.2 Observations 62
4.3 Recommendations 65
4.4 Future Trends 69
5 Human Factors 71
5.1 Background 72
5.1.1 Historical Perspective on Privacy 73
5.1.2 Impact of Technology on Privacy 74
5.1.3 Privacy in a Corporate Setting 76
5.1.4 Evolution of Personal Information 76
5.2 Observations 77
5.2.1 Privacy Trade-offs — Human Behavioral Impact on Privacy 77
5.2.2 What is Risk? 80
5.3 Recommendations 83
5.4 Future Trends 87
Acknowledgments 87
Part II: Risks 89
6 Making the Case for Replacing Risk-Based Security 91
6.1 Introduction 92
6.1.1 Understanding Security Risk 92
6.2 Why Risk Assessment and Risk Management Fail 95
6.2.1 Misplaced Support for Risk-Based Security in Practice 97
6.2.2 Alternatives to Security Risk Assessment 99
6.3 Conclusion 101
7 The Economics of Loss 103
7.1 Security as the Prevention of Loss 104
7.2 Quantifying the Risk of Loss 105
7.3 Refining the Basic Risk Equation 106
7.4 The Problem of Quantifying Loss Itself 106
7.5 Confronting the Reality of Hypothetical Actions 107
7.6 Overcoming the Fixation on Assets 108
7.7 Overcoming the Fixation on Market Value 108
7.8 Overcoming the Fixation on Productivity 110
7.9 Overcoming the Neglect of Substitutes 111
7.10 Taking Account of the Duration and Extent of the Effects 112
7.11 Distinguishing Between the Different Business Categories of Attacks 113
7.12 Putting the Proper Risk Estimates Back into the ROI Calculation 114
8 Legal and Regulatory Obligations 115
8.1 The Expanding Duty to Provide Security 116
8.1.1 Where Does It Come From? 116
8.1.2 What Is Covered? 118
8.2 The Emergence of a Legal Standard for Compliance 120
8.2.1 The Developing Legal Definition of Reasonable Security 122
8.2.2 An Increasing Focus on Specific Data Elements and Controls 128
8.3 The Imposition of a Duty to Warn of Security Breaches 131
8.3.1 The Basic Obligation 132
8.3.2 International Adoption 134
8.4 Conclusion 135
9 Telecommunications 137
9.1 Security Issues in Mobile Telecommunications 138
9.1.1 Pressure on the Perimeter Model 138
9.1.2 Computer Security Threats for Portable Devices 139
9.2 Security Issues in Global Telecommunications 140
9.2.1 Global Cooperation on Cyber Attack 140
9.2.2 Global Attention to Software Piracy 141
9.3 Security Issues in Internet Protocol—Based Telecommunications 141
9.3.1 Reduced Technological Diversity 142
9.3.2 Increased Reliance on Shared, Decentralized Internet-Based Systems 142
9.4 Security Issues in Bandwidth-Increasing Telecommunications 143
9.4.1 Residential Users Have Greater Security Responsibility 143
9.4.2 Botnets Become a Huge Threat to the Global Economy 144
References 146
Part III: Experience 147
10 Financial Services 149
10.1 Laws, Regulations, and Supervisory Requirements 150
10.1.1 Gramm-Leach-Bliley Act of 1999 153
10.1.2 The Sarbanes-Oxley Act of 2002 154
10.1.3 The Fair and Accurate Credit Transactions Act of 2003 154
10.1.4 Breach Notification Requirements 155
10.1.5 Supervisory Guidance 158
10.2 Future Focus 160
10.2.1 Identity Theft Prevention 160
10.2.2 Outsourcing and Offshoring 160
10.2.3 Cross-Border Data Flows 161
10.2.4 Encryption 161
10.2.5 Online Behavioral Advertising 162
10.2.6 Internet Governance 162
10.2.7 Wireless Security 162
10.2.8 Capital Requirements for Operational Risk 162
10.2.9 Security of Web-Based Business Applications 163
10.2.10 Other Future Focuses in Financial Sector Security 163
10.3 Compliance Challenges 163
11 Energy 165
11.1 Overview of Sector 166
11.2 Risks Related to Security and Privacy 169
11.3 How Risks Are Addressed 171
11.4 Documentation and Its Relation to Information Security 174
11.5 Conclusion 177
Acknowledgments 178
Selected Bibliography 178
12 Transportation Security 181
12.1 Overview 182
12.2 Technology's Role in Transportation Security 183
12.3 Security in Transit 187
12.4 Best Practices Applied 189
13 Academia 191
13.1 Overview 192
13.1.1 Age and Demographics 192
13.1.2 You Cannot Fire Me 192
13.1.3 Hard to Educate Users 192
13.1.4 Lax Controls 193
13.1.5 How Everything Is Connected 193
13.2 Case Studies 193
13.2.1 Case Study: Social Networking and Crimeware 194
13.2.2 Case Study: Social Phishing 196
13.2.3 Case Study: Infected Access Points 196
13.3 Protection 197
References 197
Appendix A Key Information Security Law References 199
A.1 Federal Statutes 199
A.2 State Statutes 200
A.3 Federal Regulations 204
A.4 State Regulations 206
A.5 Court Decisions 206
A.6 FTC Decisions and Consent Decrees 207
A.7 State Attorneys General Consent Decrees 208
A.8 European Union — Directives 209
A.9 European Union — Security Provisions in Country Implementations of Data Protection Directive 209
A.10 Other Countries 212
About the Authors 213
Index 223
|
any_adam_object | 1 |
building | Verbundindex |
bvnumber | BV035392884 |
callnumber-first | H - Social Science |
callnumber-label | HF5548 |
callnumber-raw | HF5548.37 |
callnumber-search | HF5548.37 |
callnumber-sort | HF 45548.37 |
callnumber-subject | HF - Commerce |
classification_rvk | ST 276 |
ctrlnum | (OCoLC)299942244 (DE-599)BVBBV035392884 |
dewey-full | 658.478 |
dewey-hundreds | 600 - Technology (Applied sciences) |
dewey-ones | 658 - General management |
dewey-raw | 658.478 |
dewey-search | 658.478 |
dewey-sort | 3658.478 |
dewey-tens | 650 - Management and auxiliary services |
discipline | Informatik Wirtschaftswissenschaften |
format | Book |
id | DE-604.BV035392884 |
illustrated | Illustrated |
indexdate | 2024-07-09T21:34:12Z |
institution | BVB |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-017313641 |
oclc_num | 299942244 |
open_access_boolean | |
owner | DE-355 DE-BY-UBR |
owner_facet | DE-355 DE-BY-UBR |
physical | XXIV, 231 S. graph. Darst. |
publishDate | 2009 |
publishDateSearch | 2009 |
publishDateSort | 2009 |
publisher | Artech House |
record_format | marc |
series2 | Artech House information security and privacy series |
spelling | Enterprise information security and privacy C. Warren Axelrod ... eds. Boston [u.a.] Artech House 2009 XXIV, 231 S. graph. Darst. txt rdacontent n rdamedia nc rdacarrier Artech House information security and privacy series Literaturangaben Unternehmen Business enterprises Computer networks Security measures Computer security Data protection Information technology Security measures Computersicherheit (DE-588)4274324-2 gnd rswk-swf Betriebliches Informationssystem (DE-588)4069386-7 gnd rswk-swf Betriebliches Informationssystem (DE-588)4069386-7 s Computersicherheit (DE-588)4274324-2 s b DE-604 Axelrod, C. Warren Sonstige oth Digitalisierung UB Regensburg application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017313641&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Enterprise information security and privacy Unternehmen Business enterprises Computer networks Security measures Computer security Data protection Information technology Security measures Computersicherheit (DE-588)4274324-2 gnd Betriebliches Informationssystem (DE-588)4069386-7 gnd |
subject_GND | (DE-588)4274324-2 (DE-588)4069386-7 |
title | Enterprise information security and privacy |
title_auth | Enterprise information security and privacy |
title_exact_search | Enterprise information security and privacy |
title_full | Enterprise information security and privacy C. Warren Axelrod ... eds. |
title_fullStr | Enterprise information security and privacy C. Warren Axelrod ... eds. |
title_full_unstemmed | Enterprise information security and privacy C. Warren Axelrod ... eds. |
title_short | Enterprise information security and privacy |
title_sort | enterprise information security and privacy |
topic | Unternehmen Business enterprises Computer networks Security measures Computer security Data protection Information technology Security measures Computersicherheit (DE-588)4274324-2 gnd Betriebliches Informationssystem (DE-588)4069386-7 gnd |
topic_facet | Unternehmen Business enterprises Computer networks Security measures Computer security Data protection Information technology Security measures Computersicherheit Betriebliches Informationssystem |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=017313641&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT axelrodcwarren enterpriseinformationsecurityandprivacy |