Information Security Architecture: An Integrated Approach to Security in the Organization, Second Edition

  • 6h 53m
  • Jan Killmeyer
  • CRC Press
  • 2006

Information Security Architecture, Second Edition incorporates the knowledge developed during the past decade that has pushed the information security life cycle from infancy to a more mature, understandable, and manageable state. It simplifies security by providing clear and organized methods and by guiding you to the most effective resources available. In addition to the components of a successful Information Security Architecture (ISA) detailed in the previous edition, this volume also discusses computer incident/emergency response. The book describes in detail every one of the eight ISA components. Each chapter provides an understanding of the component and details how it relates to the other components of the architecture. The text also outlines how to establish an effective plan to implement each piece of the ISA within an organization. The second edition has been modified to provide security novices with a primer on general security methods. It has also been expanded to provide veteran security professionals with an understanding of issues related to recent legislation, information assurance, and the latest technologies, vulnerabilities, and responses.

About the Author

Jan Killmeyer is an independent consultant specializing in system and network security, enterprise security architecture development, and computer forensics. She is currently a Professor at Butler County Community College, teaching computer forensics, economic crime investigation, and network security. Ms. Killmeyer is also responsible for program review of the Computer Forensics Program to ensure its effectiveness and its continued development and improvement, including network forensics.

For the past 15 years, Ms. Killmeyer has specialized in the development of integrated enterprise-wide security architectures for Fortune 500 companies implementing technology to achieve the strategic business objectives of those organizations. Ms. Killmeyer was the Practice Leader for Technology Risk Services in Pittsburgh and Kentucky at PricewaterhouseCoopers LLP (PwC) and the Information Security Services (ISS) group in the Information Systems Assurance and Advisory Services practice of Ernst & Young. Her responsibilities included information technology auditing; development of Enterprise Security Architecture Services; security policy, standards, and procedures development; security penetration studies and risk assessments for operating systems, networks, applications, and databases; internal security training program development for staff personnel; and development of the security awareness and training services for clients.

Ms. Killmeyer served 10 years of active duty in the U.S. Army as a communications engineer, specializing in tactical and strategic radio communications in Europe and classified satellite system development. She is currently a lieutenant colonel in her 23rd year of military service and is the battalion commander at the 402nd Quartermaster Battalion in the Army Reserves.

In this Book

  • Information Security Architecture
  • Security Organization / Infrastructure
  • Security Policies, Standards, and Procedures
  • Security Baselines and Risk Assessments
  • Security Awareness and Training Program
  • Compliance
  • Pitfalls to an Effective ISA Program
  • Computer Incident / Emergency Response
  • Conclusion