Site Map - How-to

Vulnerability Assessment of Physical Protection Systems

- No security professional involved at any level in the VA process for physical protection systems can afford to operate without this field manual.

New in Plaintext

- The book is best browsed through in front of a computer, because you’ll be eagerly visiting the Web sites he writes about and trying the software and tactics he describes. Many of the latter I had never heard of. For instance, in a chapter on how to work around censorship (government or corporate) of Web sites, he describes how to access banned Web pages by having them e-mailed to you. No special software is required; just send an e-mail containing the URL of the Web site you want to see to a certain e-mail address, and the full site will be sent back to you inside a return message.

Getting Ahead in IT

- If you are an IT security professional or are interested in becoming one, you’ll find a new career guide issued by (ISC)2 to be a helpful resource. The guide describes the types of jobs available (including typical job titles) and explores the various areas of expertise within information security, as well as educational requirements, technical skills needed, salary ranges, and the certifications that can help you advance your career. The guide also includes a list of schools offering IT security curricula and relevant professional associations. @ Career Guide: Decoding the Information Security Profession is at SM Online.

Quick Bytes: Manager’s IT guidebook

- Anyone looking for an overview of the elements that make up an information security program can turn to a comprehensive guide released by the National Institute of Standards and Technology (NIST) titled Information Security Handbook: A Guide for Managers. The handbook covers every aspect of security, from awareness and training issues to incident response and recovery strategies. Intended for senior managers, it’s as appropriate for the private sector as it is for government readers; as the authors note, while private- and public-sector requirements may differ, “the underlying principles of information security are the same.” @ Security Management Online has the NIST handbook.

Quick Bytes: Metrics

- Guide for Developing Performance Metrics for Information Security analyzes legislative requirements, describes linkages between strategic planning and information security, and explains types of performance metrics.

IT Guide

- A comprehensive guide from NIST tells how to set up an information security program.

Homeland Security Assessment Manual: A Comprehensive Organizational Assessment Based on Baldrige Criteria

- Developing metrics to measure performance and benchmark best practices is a must for professional advancement.

Bombs and Bombings: A Handbook to Protection, Security, Detection, Disposal and Investigation for Industry, Police and Fire Depa

- Bomb technicians and others who seek specialized information about the intricate, multifarious, and perilous work that these professionals perform will find much of value.

Nuclear Facilities

- The Nuclear Regulatory Commission (NRC) has announced its plan to formulate a new rule to guide risk assessments at nuclear power facilities. The risk assessments, which will be performance-based and technology-neutral, will be required before a facility can be issued a license by the NRC. The advance notice of the rulemaking does not set out the specifics of the plan. Instead, the NRC is asking for comments on whether the concept of the plan is reasonable and, if so, how it should be designed and implemented. The comment period expires December 29, 2006. @ read the advance notice of the proposed rule.

Focus on CCTV’s Value

- Jerry H. Ratcliffe, an associate professor of criminal justice at Temple University, has sifted through dozens of studies on the effectiveness of CCTV in an effort to get an answer. His findings are presented in an article that is another in a series that comprises the Department of Justice's problem-oriented guides for police.

Court Security

- A paper summarizes new court security guidelines proposed at a symposium held by the National Center for State Courts.

Security’s Value

- Find out how many companies are already using metrics to show security’s value by reading this Frost and Sullivan survey.
