The Executive MBA in Information Security
- 5h 53m
- John J. Trinckes, Jr.
- CRC Press
- 2010
According to the Brookings Institute, an organization’s information and other intangible assets account for over 80 percent of its market value. As the primary sponsors and implementers of information security programs, it is essential for those in key leadership positions to possess a solid understanding of the constantly evolving fundamental concepts of information security management. Developing this knowledge and keeping it current, however, requires the time and energy that busy executives like you simply don’t have.
Supplying a complete overview of key concepts, The Executive MBA in Information Security provides the tools needed to ensure your organization has an effective and up-to-date information security management program in place. This one-stop resource provides a ready-to-use security framework you can use to develop workable programs and includes proven tips for avoiding common pitfalls—so you can get it right the first time.
Allowing for quick and easy reference, this time-saving manual provides those in key leadership positions with a lucid understanding of:
- The difference between information security and IT security
- Corporate governance and how it relates to information security
- Steps and processes involved in hiring the right information security staff
- The different functional areas related to information security
- Roles and responsibilities of the chief information security officer (CISO)
Presenting difficult concepts in a straightforward manner, this concise guide allows you to get up to speed, quickly and easily, on what it takes to develop a rock-solid information security management program that is as flexible as it is secure.
About the Author
John J. (“Jay”) Trinckes, Jr. (CISSP, CISM, CEH, NSA-IAM/IEM, MCSE, A+) is a Senior Information Security Consultant for CastleGarde, Inc. He conducts internal, physical, and external vulnerability assessments along with specific technical audits such as Bank Secrecy Act assessments. Trinckes has been instrumental in developing audit plans, compliance assessments, business impact analyses, and business continuity and disaster recovery plans for the company’s clients. He also conducts security awareness training and other presentations related to information security.
Trinckes is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and a Certified Ethical Hacker (C-EH). He holds certifications in the National Security Agency (NSA) INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM), along with Microsoft Certified Systems Engineer (MCSE-NT) and CompTIA A+ certifications.
Trinckes provides a unique perspective to CastleGarde’s engineering team as a result of previous work experience as an Information Security Risk Analyst with a corporate credit union, a Law Enforcement Sergeant, an Assistant Accreditation Manager, and an IT Manager and System Administrator. He holds a current state of Florida law enforcement officer certification, which assists him in providing insight into assessment services through his extensive background in client management, law enforcement, IT support, and information security.
Trinckes graduated with a bachelor’s degree in business administration/management information systems from the Union Institute and University in Cincinnati with a 4.0 GPA and is currently working on multiple network- and security-related certifications. He has been a member of numerous highly recognized security industry associations, such as the FBI’s InfraGard, Information Systems Security Association (ISSA), International Association of Technology Professionals (IATP), Information Systems Audit and Controls Association (ISACA), and the International Information Systems Security Certification Consortium (ISC2).
In this Book
- The Executive MBA in Information Security
- Preface
- Information Security Overview
- Information Security Requirements
- Managing Risks
- Physical Security
- Business Continuity Plans and Disaster Recovery
- Administrative Controls
- Technical Controls
- Application Controls
- Perimeter Controls
- Audit and Compliance
- Information Security Policy
- Technology Resource Policy*
- Log-on Warning Banner
- Penetration Test Waiver
- Tools
- How to Report Internet Crime*
- Acronyms
- MyISAT
- Web References