This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions.
Faced with a decreasing supply of national troops, dwindling defense budgets, and the ever-rising demand for boots on the ground in global conflicts and humanitarian emergencies, decision makers are left with little choice but to legalize and legitimize the use of private military contractors (PMCs). Outsourcing Security examines the impact that bureaucratic controls and the increasing permissiveness of security environments have had on the U.S. military’s growing use of PMCs during the late twentieth and early twenty-first centuries. Bruce E. Stanley examines the relationship between the rise of the private security industry and five potential explanatory variables tied to supply-and-demand theory in six historical cases, including Operation Desert Storm in 1991, the U.S. intervention in Bosnia in 1995, and Operation Iraqi Freedom in 2003. Outsourcing Security is the only work that moves beyond a descriptive account of the rise of PMCs to lay out a precise theory explaining the phenomenon and providing a framework for those considering PMCs in future global interaction.
Conveniently structured into five sections, The Routledge Research Companion to Outsourcing Security offers an overview of the different ways in which states have come to rely on private contractors to support interventions. Part One puts into context the evolution of outsourcing in Western states that are actively involved in expeditionary operations as well as the rise of the commercial security sector in Afghanistan. To explain the various theoretical frameworks that students can use to study security/military outsourcing, Part Two outlines the theories behind security outsourcing. Part Three examines the law and ethics surrounding the outsourcing of security by focusing on how states might monitor contractor behaviour, hold them to account and prosecute them where their behaviour warrants such action. The drivers, politics and consequences of outsourcing foreign policy are covered in Part Four, which is divided into two sections: section one is concerned with armed contractors (providing the provision of private security with the main driver being a capability gap on the part of the military/law enforcement agencies), and section two looks at military contractors (supporting military operations right back to antiquity, less controversial politically and often technologically driven). The final Part takes into consideration emerging perspectives, exploring areas such as gender, feminist methodology, maritime security and the impact of private security on the military profession. This book will be of much interest to students of military and security studies, foreign policy and International Relations.
Information security is everyone's concern. The way we live is underwritten by information system infrastructures, most notably the Internet. The functioning of our business organizations, the management of our supply chains, and the operation of our governments depend on the secure flow of information. In an organizational environment information security is a never-ending process of protecting information and the systems that produce it.This volume in the "Advances in Management Information Systems" series covers the managerial landscape of information security. It deals with how organizations and nations organize their information security policies and efforts. The book covers how to strategize and implement security with a special focus on emerging technologies. It highlights the wealth of security technologies, and also indicates that the problem is not a lack of technology but rather its intelligent application.
The Manager's Handbook for Corporate Security: Establishing and Managing a Successful Assets Protection Program, Second Edition, guides readers through today's dynamic security industry, covering the multifaceted functions of corporate security and providing managers with advice on how to grow not only their own careers, but also the careers of those they manage on a daily basis. This accessible, updated edition provides an implementation plan for establishing a corporate security program, especially for those who have little or no knowledge on the topic. It also includes information for intermediate and advanced professionals who are interested in learning more about general security, information systems security, and information warfare. - Addresses today's complex security industry, the role of the security manager, the diverse set of corporate security functions, and skills for succeeding in this dynamic profession - Outlines accessible, comprehensive implementation plans for establishing asset protection programs - Provides tactics for intermediate and advanced professionals on the topics of general security, information systems security, and information warfare - Offers new perspectives on the future of security and evolving expectations of security professionals
The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary research and scholarship on information security and privacy, combining ideas, techniques, and expertise from the fields of economics, social science, business, law, policy, and computer science. In 2009, WEIS was held in London, at UCL, a constituent college of the University of London. Economics of Information Security and Privacy includes chapters presented at WEIS 2009, having been carefully reviewed by a program committee composed of leading researchers. Topics covered include identity theft, modeling uncertainty's effects, future directions in the economics of information security, economics of privacy, options, misaligned incentives in systems, cyber-insurance, and modeling security dynamics. Economics of Information Security and Privacy is designed for managers, policy makers, and researchers working in the related fields of economics of information security. Advanced-level students focusing on computer science, business management and economics will find this book valuable as a reference.
Clarifying the purpose and place of strategy in an information security program, this book explains how to select, develop, and deploy the security strategy best suited to your organization. It focuses on security strategy planning and execution to provide a comprehensive look at the structures and tools needed to build a security program that enables and enhances business processes. Divided into two parts, the first part considers business strategy and the second part details specific tactics that support the implementation of strategic planning initiatives, goals, and objectives.
Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Each annual update, the latest is Volume 6, reflects the changes to the CBK in response to new laws and evolving technology.
This handbook offers a comprehensive overview of cloud computing security technology and implementation, while exploring practical solutions to a wide range of cloud computing security issues. With more organizations using cloud computing and cloud providers for data operations, proper security in these and other potentially vulnerable areas have become a priority for organizations of all sizes across the globe. Research efforts from both academia and industry in all security aspects related to cloud computing are gathered within one reference guide.
The need for information security management has never been greater. With constantly changing technology, external intrusions, and internal thefts of data, information security officers face threats at every turn. The Information Security Management Handbook on CD-ROM, 2006 Edition is now available. Containing the complete contents of the Information Security Management Handbook, this is a resource that is portable, linked and searchable by keyword. In addition to an electronic version of the most comprehensive resource for information security management, this CD-ROM contains an extra volume's worth of information that is not found anywhere else, including chapters from other security and networking books that have never appeared in the print editions. Exportable text and hard copies are available at the click of a mouse. The Handbook's numerous authors present the ten domains of the Information Security Common Body of Knowledge (CBK) ®. The CD-ROM serves as an everyday reference for information security practitioners and an important tool for any one preparing for the Certified Information System Security Professional (CISSP) ® examination. New content to this Edition: Sensitive/Critical Data Access Controls Role-Based Access Control Smartcards A Guide to Evaluating Tokens Identity Management-Benefits and Challenges An Examination of Firewall Architectures The Five "W's" and Designing a Secure Identity Based Self-Defending Network Maintaining Network Security-Availability via Intelligent Agents PBX Firewalls: Closing the Back Door Voice over WLAN Spam Wars: How to Deal with Junk E-Mail Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud The "Controls" Matrix Information Security Governance
