Information assurance : surviving in the information environment

"Information Assurance: Surviving in the Information Environment" examines why organisations need to take information assurance seriously - and covers the business, legal, and technical knowledge needed to do so. It bridges the gap between information security as a technical concept and information security as a business concept, and helps IS managers to manage security effectively so as to facilitate business processes and develop competitive advantage. Key topics include: the role of the corporate security officer; corporate cybercrime; electronic commerce and the global marketplace; cryptography; and international standards, policies and security acts. Written primarily as a reference for IS managers who need help in dealing with day-to-day security issues, this book will also provide invaluable reading for project managers, IT strategists, business managers and postgraduate students on conversion, Advanced Information Systems and MBA Management courses."A refreshingly clear and wide-ranging view of Information Assurance...this book not only explains what the problems are, it also gives you clear information on how to address the issues that have been raised." - Andrew Jones, Group Manager, Secure Information Systems, DERA, UK. "Clear, concise and well-written, with an interesting presentation of global perspectives and drivers that span IT security in its entirety. This book is a must-read for the security practitioner and anyone interested in understanding and protecting public or private sector environments..." - Donald L. Evans, United Space Alliance, Houston, Texas, US. "If you could choose only one primer, this is the THE book." - Perry Luzwick, Director, Information Assurance Architectures, Logicon, US.

I. An Introduction to Information Assurance: 1. What is Information Assurance? 2. The World of Information. 3. The Theory of Risks. 4. The Information World of Crime. 5. IA Trust and Supply Chains. 6. Basic IA Concepts and Models * II. IA in the World of Corporations: 7. The Corporate Security Officer. 8. Corporate Security Functions. 9. IA in the Interest of National Security. 10. The Corporate IA Officer. 11. IA Organisational Functions * III. Technical Aspects of IA: 12. IA and Software. 13. Applying Cryptography to IA. 14. Information Technology Security * IV. The Future: 15. The Future and Final Thoughts. Appendix: References and Recommended Readings * Appendix 2: UK Computer Misuse Act of 1990 * Appendix 3: "Computer Misuse Act 1990 - Loopholes and Anomalies" * Appendix 4: US Computer Security Act of 1987 * Appendix 5: BS7799 * Appendix 6: MIS Training Institute "Swiss Army Knife"Bibliography * Index.