Defending the Digital Frontier, Second Edition
"The book recognizes, and correctly characterizes, digital security according to one of the fundamental tenets of IT governance: security, like IT governance, is a management issue, not a technical one. This book takes a very practical approach to a critical issue, and provides executive management with sound, cost-effective techniques grounded in business realities. Management and the C-suite will do well to keep these techniques in mind when formulating IT strategies that are aligned with and support business goals."
Marios Damianides, CISA, CISM, CPA, CA, International President, Information Systems Audit and Control Association and IT Governance Institute
"Ernst & Young has done a superb job in demonstrating why the integrity of Digital Information Systems is fundamental to success. The authors show that protecting computers from attack is only a small part of this task. This book focuses on handling systemic risk and complexity, the inevitable problems that arise when you integrate computerized information systems with human activity systems: namely the company itself, customers, suppliers, competitors, as well as the broader political and regulatory environment. I can recommend it as essential reading to all senior executives."
Ian Angell, Professor of Information Systems, London School of Economics
"The CBI considers security of information to be a major issue for individuals and businesses in the growing digital world. This book makes clear that the key to success in this new environment is in using technology effectively; technology cannot make a badly organised business good, but it can make a good business better. Ernst & Young has identified critical organisational and management processes that global companies need to implement to ensure that technology effectively secures information assets that are at the heart of today's economy."
Digby Jones, Director General, CBI
PART ONE: THE CHALLENGE OF THE FRONTIER.
Chapter 1: Living at the Digital Frontier.
Chapter 3: Organisational Components and Security Objectives.
PART TWO: THE AGENDA FOR ACTION.
Chapter 4: The Security Agenda.
Chapter 5: The Security Life Cycle.
PART THREE: THE APPROACH FOR SAFETY.
Chapter 6: The Security Culture.
Chapter 7: The Risk Frontier.
Chapter 8: Road Map for Success.
Appendix A: Security-Related Laws and Regulations.
Appendix B: Threat Vectors.
Appendix C: Ernst & Young 2004 Digital Security Overview: An Executive Guide and Diagnostic.
Glossary of Digital Security Terminology.