Results 1 to 3 of 3

Thread: For anyone interested in security management

  1. #1
    Junior Member
    Join Date
    Sep 2004

    For anyone interested in security management


    This is just a small message to make forum members aware of a new book in the area of information security management - "A Practical Guide to Managing Information Security", Steve Purser, Artech House (2004). My apologies if this is not the right place to post this message - the other messages in this area made me think that some members might be interested in this book.

    I wrote this book in response to questions that have been sent to me following conferences and seminars that I have given over the past few years. The goal of the book is to present what I believe are the major challenges in managing information security in modern commercial environments and to provide a set of practical methods and tools for meeting these challenges. By necessity, I have concentrated on what I consider to be the most important issues in today's environments and this is not a catalogue of security techniques.

    In a nutshell, the book shows how to design and successfully implement an information security strategy, whilst still responding appropriately to short-term requirements. In order to do this, the book covers the following topics, using a case study to illustrate the method:

    - A descrription of what I believe to be the major issues in today's environments.
    - An overview of methods and tools currently available to managers.
    - A description of the management approach
    - How to define, agree and implement an information security strategy.
    - How to use policy and standards effectively.
    - How to improve the scalability and flexibility of the current process.
    - How to design and implement an IT Security Architecture.
    How to create a security-minded culture.

    This is a book for practitioners and is based on real experience. I have made every effort to show where and why things can go wrong and how to avoid such problems. I hope it will help managers avoid the mistakes I made in the past.


    Steve Purser.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Interesting. Sounds like a CISSP type book. ISBN, publisher, release date, website link?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Junior Member
    Join Date
    Sep 2004

    Here are useful links providing more information about the book.

    Publisher's description:


    Amazon.com and amazon.co.uk both have references posted by readers and amazon.com provides a facility for looking at extracts within the book. I think that links expire for book searches, so its better to do a search on 'steve purser' within these sites. Finally, there is also a small review on the bookpool site.

    Please note however that this book is not likely to be useful as preparation for a CISSP exam (or similar exams) - I hope that it will be very useful for understanding how decisions are taken in the real world and how security managers can agree solutions that reflect the interests of ALL the concerned parties.

    Hope this is useful,

    Steve Purser.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts