Wiley.com

Securing E-Business Systems: A Guide for Managers and Executives

ISBN: 978-0-471-07298-0
Hardcover
288 pages
April 2002
List Price: US $45.00
Government Price: US $22.95
This is a Print-on-Demand title. It will be printed specifically to fill your order. Please allow an additional 10-15 days delivery time. The book is not returnable.

Preface.

Chapter 1 Electronic Business Systems Security.

Introduction.

How Is E-Business Security Defined?

Can E-Business Security Be Explained More Simply?

Is E-Business Security Really Such a Big Deal?

Is E-Business Security More Important Than Other Information Technology Initiatives?

How Does an Organization Get Started?

Instead of Playing "Catch-Up," What Should an Organization Be Doing to Design E-Business Systems That Are Secure in the First Place?

Chapter 2 E-Business Systems and Infrastructure Support Issues.

Introduction.

E-Business Defined.

A Short History of E-Business Innovations.

The Need for Secure E-Business Systems.

Software: The Vulnerable Underbelly of Computing.

The Interoperability Challenge and E-Business Success.

E-Business Security: An Exercise in Trade-Offs.

Few Systems Are Designed to Be Secure.

Conclusion.

Chapter 3 Security Weaknesses in E-Business Infrastructure and "Best Practices" Security.

Introduction.

Fundamental Technical Security Threats.

The Guiding Principles of Protection.

"Best Practice" Prevention, Detection, and Countermeasures and Recovery Techniques.

Chapter 4 Managing E-Business Systems and Security.

Introduction.

Part One: Misconceptions and Questionable Assumptions.

Part Two: Managing E-Business Systems as a Corporate Asset.

Part Three: E-Business Security Program Management.

Chapter 5 A "Just-in-Time" Strategy for Securing the E-Business System: The Role for Security Monitoring and Incident Response.

The Current State of E-Business Security.

Standard Requirements of an E-Business Security Strategy.

A New Security Strategy.

The Crucial Role of Security Monitoring and Incident Response to the Securing of E-Business Systems.

The Current State of Intrusion Detection Systems (IDS).

Defining a Cost-Effective Security Monitoring and Incident Response Capability.

Alternatives to Building "Your Own" Security Monitoring and Incident Response Capability.

Summary.

Chapter 6 Designing and Delivering Secured E-Business Application Systems.

Introduction.

Past Development Realities.

Contemporary Development Realities.

Developing Secured E-Business Systems.

Using the SDR Framework.

Choosing a Systems Development Methodology That Is Compatible with the SDR Framework.

Participants in the Identification of Security and Integrity Controls.

Importance of Automated Tools.

A Cautionary Word About New Technologies.

Summary and Conclusions.

Chapter 7 Justifying E-Business Security and the Security Management Program.

Introduction.

The "Quantifiable" Argument.

Emerging "Nonquantifiable" Arguments.

Benefits Justifications Must Cover Security Program Administration.

Conclusion.

Chapter 8 Computers, Software, Security, and Issues of Liability.

Evolving Theories of Responsibility.

Likely Scenarios.

How Might a Liability Case Unfold?

Questions to Be Asked to Ensure That Reasonable Care Has Been Taken in Developing a Secure E-Business System.

Chapter 9 The National Critical Infrastructure Protection (CIP) Initiative.

The Problem of Dependency.

Critical Infrastructure Protection (CIP) Purpose, Directives, Organizations, and Relationships.

Frequently Asked Questions About the IT-ISAC.

Critical Information Infrastructure Protection Issues that Need Resolution.

Appendix A: Y2K Lessons Learned and Their Importance for E-Business Security.

Appendix B: Systems Development Review Framework for E-Business Development Projects.

Appendix C: A Corporate Plan of Action for Securing E-Business Systems (Sample).

Appendix D: E-Business Risk Management Review Model Instructions for Use.

Appendix E: Resources Guide.

Index.