X

An Oracle blog about Consulting Security Corner

  • February 11, 2010

Book Review - Enterprise Security For The Executive

Guest Author

I finally got a chance to read through the book Enterprise Security for the Executive by Jennifer Bayuk.

It's not a technical book - rather as the title suggests it explains why security is important for the CXO level management and processes for achieving success.

For most readers of this blog - there won't be anything new but then, I would argue the book isn't to convince us directly. Rather it does provide stories we can use to make points about security and strategies to help get the point across to management.

Because as the book wisely summarizes - Security is about management control.

Meaning - what to secure and at what level of security is a management decision.

And this is often a tricky situation because there is no such thing as perfect security because people also know threat plus vulnerability does not equal damage.

The problem is the "threat + vulnerability != damage" equation is true - it can change quickly.  That's why you need to make sure management understands to do regular (at least annual) reviews of  threats and compliance. You also need  to make sure that your identity management includes technology like Oracle Virtual Directory that can be used to quickly adapt to your changing risk and compliance needs.

<a href=""http://feedburner.google.com/fb/a/mailverify?uri=virtualidentitydialogue&amp;loc=en_US">Subscribe to Virtual Identity Dialogue by Email</a>

 

--

Posted via email from Virtual Identity Dialogue

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha