Illuminati, 66
IMICI.com, 30
Industrial Age, 13
Information
assurance, 274
business, 170, 171, 173
categories of, 170
classified, 253–256
definitions of, 6
operations, 276–277
private, 170–171, 173
sensitive, 173
threats and, access to, 67
valuing, 168–174
Information Age, 13
Information environment (IE)
components of, 270
defined, 274
extended, 272, 273
growth of, 3–4
impact of technology on, 9–10
importance of, 4–6, 267
reasons for understanding, 6–9
Information Systems Audits and Controls Association (ISACA), 311
Information Systems Security Association (ISSA)
career development and, 297, 305, 311
Code of Ethics, 289–290
Information systems security officers (ISSOs)
as business managers, 40–45
evolution of position, 97–100
future for, 350
as a leader, 103
national security and, 259
objectives/goals of, 103
other names for, 99
questions company managers should ask, 43–44
reasons for understanding information environment, 6–9
responsibilities of, 33–39, 100–103, 108–111, 242–244
service and support provided by, 104–105
Information warfare (IW)
competitive advantage and, 278–281
defensive, 276
defined, 265, 267–269, 274–278
development of global, 267–272
future and, 347
importance of understanding, 266
offensive, 276
purpose of, 275
terminology, 272–278
InfoSec
See also Corporate Information Assets Protection Program (CIAPP); Metrics management, InfoSec
annual plan, 85–86, 120–123
business managers and, 40–45
drivers, 132
job descriptions, 152–160
national security and, 254–256
purpose of, 32–33
recruiting professionals, 160–163
strategic plan, 83–84, 114–115, 117–118
tactical plan, 84–85, 118–120
InfoSec functions
drivers for, 165–166
identifying, 174–175
options, 166
processes, 166–168
valuing information, 168–174
InfoSec functions, types of
access control, 177–180
awareness briefings, 175–176
awareness material, 177
awareness program, 175
contingency and emergency planning and disaster recovery program, 187–191
evaluation of hardware, firmware, and software, 180–183
noncompliance inquiries, 186–187
risk management, 183–185
security tests, 185–186, 211–214
Inhibitors
man-made threat agents and, 56–57
man-made threats and, 54
threat factors, 68–69
International, being a consultant and, 335–336
International Widget Corp. example
background information, 78–80
business environment, 78–80
business plan, annual, 85–86, 120–123
business plan, strategic, 83–84, 114–115, 117–118
business plan, tactical, 84–85, 118–120
history of ISSO at, 86–88
importance of being familiar with, 81–82
key elements to consider, 80–81
mission statements, 92, 107
planning for CIAPP, 88
quality statements, 92, 107
relationship between ISSO and departments in, 89–91
vision statements, 91–92, 105–106
Internet
career development and use of, 307–308
development of, 14–15, 29
future and, 345–346
historical conditions leading to the development of, 12–13
how it works, 16–17
impact of, 17–21
Internet service providers (ISPs), 17
need for standards, 28–32
Interviewing for a job, 318–321