Author: Editor Bob Fahy
ISBN No: 9780128008430
Review date: 04/05/2024
No of pages: 75
Publisher: Elsevier
Publisher URL:
http://store.elsevier.com/product.jsp?isbn=9780128008430&pagename=search
Year of publication: 22/08/2014
Brief:
Security Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals, edited by Bob Fahy
price
£11.99
As the title suggests, this short book takes a best practice approach to information protection. The editor, Bob Fahy, is director of corporate security at Kraft Foods.
As a sign of quite how widespread and damaging attacks on data security can be to corporates, one of the chapters has some pages from an assets protection director of Target Corporation – the retailer in the United States that suffered a large and painful data breach. As the writer makes no comment on the data loss, presumably it happened after he wrote his piece and it went to print. That makes poignant such lines as: “Any damage to the company as a whole is damaging to security, because the bottom line impacts every business unit. But in the cas of a network breach, security is directly in the line of fire. When senior management and the board come to find out how this could have happened, they’ll head straight for security’s door. Fortunately it seems that security is not always the sacrificial lamb any more. Security executives at companies that have suffered some of the biggest breaches in recent years still have their jobs.” And judging by his Linkedin page, Tony Heredia is still there at Target.
That extract shows the strong and weak points of this point. You get views from men and women in the field, security people at such well-known names as Microsoft, Dow Jones and Honeywell, besides consultants. While that can help, it does not give you a systematic approach or advice on what you can do. So you might take comfort from the admission that chiefs of security are – in error – thinking of PCI DSS – compliance with credit card data security standards – as a one-off to meet, rather than a process to keep checking. Or, over the page from that, you get the nugget that IT people ‘often feel a great deal of personal ownership over some projects’ which can lead to back-biting and distrust inside a business. Which is useful, but does not tell you how to go about acting on it. If you are scratching your head over data leaks or cyber-security this is a useful book to give you ideas or to feel thankful that others are in the same boat. But what to do exactly with those ideas, you will have to work out yourself or turn to other, longer and more detailed, books.
Security Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals, edited by Bob Fahy. Published 2014 by Elsevier. ISBN 9780128008430. Pages: 74, online price £11.99. Visit www.elsevier.com.
