THE MAGAZINE

New in Plaintext

By Peter Piazza

Chances are, if you're not an IT professional, you only have a general idea of what the IT staff does each day. But consider the risk of ignorance: If you are responsible for security, yet take a hands-off approach to IT security assessments, you're entrusting a big piece of your job to someone else. Now, with the help of two plain-speaking security professionals, you can learn what goes on behind the scenes of an IT security assessment, allowing you to take a bigger role in the process.

Know Cyber Risk by Managing Your IT Security is a new book by James P. Litchko and Al Payne, CISSP. The short book (only 160 pages) is written so that even the most technophobic manager can understand how, for example, to calculate a quantitative annual loss estimate for IT systems. The estimate, the book explains, "is the potential loss in dollars per year from attacks by a threat against a vulnerability."

Each component of this equation is explained in easy-to-understand language and with clear examples. The quantitative type of assessment is also compared to a qualitative risk assessment.

The book presents this information in the context of a weekly poker game. The four players are old friends who are helping Dan, a newly hired IT manager who has been asked to perform a security assessment on the company's computers and networks. Though Dan is a technician, he's never performed a security assessment and isn't sure where to start; even worse, his boss has hired an IT security consulting firm to look over his shoulder.

The book is illustrated with short notes written on the poker players' score pad. These notes highlight the terms, ideas, and equations that are presented in each chapter.

The book is certainly for beginners only--IT pros are likely to find the points simplistic--but security professionals who are new to IT security terminology and practices will find the book helpful and enlightening.

Know Cyber Risk by Managing Your IT Security, published by Know Book Publishing, is available from online retailers or the publisher for $14.95.
