|
Security was, is, and will always be a double edged sword. You have to expose your systems and applications to the external world in order to conduct business; but you want to remain in control. How does one achieve this balance?
The best approach, it seems, is to understand information and communication systems themselves, from a security viewpoint. Then one needs to understand the ‘soft spots’, where the systems can be exposed to intrusion and risks, within the overall architecture and design of these systems. These areas of risks can span the entire gamut of information systems including databases, networks, applications, Internet-based communication, web services, mobile technologies and people issues associated with all of them. Effective strategy to ameliorate the risks associated with these aspects of IT systems then needs to be developed, to provide businesses with the confidence to operate in the real world. Furthermore, with increasingly stringent legislations, such as the Sarbanes-Oxley (SOx) legislation, that impose rigid auditing controls over businesses – particularly through their information and communication systems – it is vital for businesses to be fully aware of the security risks associated with their systems as well as the regulatory body pressures; and develop and implement an effective strategy to handle those risks.
This book covers all of the aforementioned issues in depth. It covers all significant aspects of security, as it deals with ICT, and provides practicing ICT security professionals explanations to various aspects of information systems, their corresponding security risks and how to embark on strategic approaches to reduce and, preferably, eliminate those risks. The coverage of the book is vast, and the relevant to immediate practice.
ISBN - 9788126516926
|
|
Pages : 1020
|