The handbook of information security in the digital age covers the following topics:
- What is information security?
- What are the unique threats facing business in the digital age?
- What is the potential impact of these threats: what can go wrong, and what will that cost your business?
- How to create an effective and comprehensive information security strategy?
- How to create effective information security governance?
- How to create a risk management strategy for information security?
- What are some best practices for effective information security?
- What is the role of senior management and the board in information security? What should executive management and the board be aware of? What should they be prepared for?
- What should the IT organization do to address information security risk?
- How to create an effective information security risk mitigation plan?
- How to recruit, train, and manage an information-security-aware organization, both inside and outside of IT?
- How to improve collaboration between IT and the business to strengthen information security?
- How to create a program to detect a breach in information security?
- How to create an effective response to an information security breach?
- How to manage the increase in threats to information security caused by extended organizational boundaries due to outsourcing and other partnerships?
- What are the legal and regulatory considerations in information security?

This is the one document every CIO should read and share with their peers and the CEO to gain a uniform understanding of the threats to information security and to create an effective enterprise-wide strategy, governance, and plan to deal with them.