Supplying a high-level overview of how to protect your company's physical and intangible assets, Asset Protection through Security Awareness explains the best ways to enlist the assistance of your employees as the first line of defense in safeguarding company assets and mitigating security risks. It reviews key topics surrounding computer security--including privacy, access controls, and risk management--to help you fill the gaps that might exist between management and the technicians securing your network systems. Requiring no previous networking or programming experience, the book delivers a practical approach to asset protection. It specifies the roles of managers and employees in creating a company-wide culture of security awareness and provides step-by-step instruction on how to build an effective security awareness team. Each chapter examines a separate security issue and provides a brief overview of how to address that issue. This book includes helpful tools and checklists to help you address: - Visual, digital, and auditory data security - Payment card industry (PCI) compliance, password management, and social engineering - User authentication methods - Computer and network forensics - Physical security and continuity planning - Privacy concerns and privacy-related regulation This concise security management primer facilitates the up-to-date understanding required to protect your digital and physical assets, including customer data, networking equipment, and employee information. Providing you with powerful tools of diplomacy, this text will help you win the support of your employees and empower them to be effective gatekeepers of your company's most valued assets and trade secrets. -- Provided by publisher.
Cover; Title Page; Copyright; Contents; INTRODUCTION; WHAT IS INFORMATION SECURITY?; CHAPTER 1: CREATING A CULTURE OF SECURITY AWARENESS; CHAPTER 2: OVERVIEW OF SECURITY AWARENESS CATEGORIES; CHAPTER 3: WHO IS AN IS PROFESSIONAL?; CHAPTER 4: DIPLOMACY; CHAPTER 5: PRIVACY CONCERNS; CHAPTER 6: INTERDEPARTMENTAL SECURITY; CHAPTER 7: RISK MANAGEMENT; CHAPTER 8: SOCIAL ENGINEERING; CHAPTER 9: INCIDENT DETECTION AND RESPONSE; CHAPTER 10: PHYSICAL SECURITY; CHAPTER 11: PCI COMPLIANCE; CHAPTER 12: BUSINESS CONTINUITY PLANNING; CHAPTER 13: USER AUTHENTICATION METHODS CHAPTER 14: COMPUTER AND NETWORK FORENSICSCHAPTER 15: MALWARE; CHAPTER 16: CRAFTING A SECURITY POLICY; CHAPTER 17: PERFORMING SECURITY ANALYSES AND AUDITS; CHAPTER 18: ACCESS CONTROL; CHAPTER 19: SECURITY CHECKLISTS; INDEX; ABOUT THE AUTHOR