CDN$ 29.60
  • List Price: CDN$ 46.99
  • You Save: CDN$ 17.39 (37%)
Usually ships within 1 to 3 months.
Ships from and sold by
Gift-wrap available.
Add to Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Mapping Security: The Corporate Security Sourcebook for Today's Global Economy Paperback – Dec 14 2004

Amazon Price New from Used from
"Please retry"
CDN$ 29.60
CDN$ 29.60 CDN$ 0.83

Join Amazon Student in Canada


Product Details

Customer Reviews

There are no customer reviews yet on
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on (beta) 14 reviews
3 of 3 people found the following review helpful
Out of the ordinary census of international security May 11 2005
By Jack D. Herrington - Published on
Format: Paperback
I'm really impressed by this book. It's a summarization of a lot of valuable research that you can find nowhere else. Which to me is the definition of a great book. The authors take us on a world tour and give us background on the security concerns in all of the different countries. It's fascinating, insightful and even funny at times. A must have for anyone doing applications business globally.
3 of 3 people found the following review helpful
Secure global ecommerce by Mapping Security Dec 1 2004
By R. Colby Mims - Published on
Format: Paperback
From business executives who want and need to understand the complexities of securing global ecommerce, to consultants and sales people who support global companies, to analysts who evaluate these companies, this is a must read source book. While vast today, electronic commerce is growing very rapidly, and for many if not most companies, electronic commerce will determine success or failure. This book will not only help companies protect their investments in ecommerce, product, market and customer data, but it will also help map strategies for security as they expand to new markets.
2 of 2 people found the following review helpful
A must for crossborder security professionals Oct. 9 2005
By Stephen Northcutt - Published on
Format: Paperback
I have read this book twice, it was different than anything I have ever seen before. The author uses security generically, blending physical security and information security. Most people do not do that, but I think Patterson is simply a year or two ahead of his time.

The first 1/3 of the book was a bit of a waste for me, sort of a know thyself without little exercises. Then you hit the good stuff.

All Americans should read page 105 at least twice. This is also where the value of this book becomes apparent, I will read this section at least one more time. I don't know how much credence I would put in the Mapping Security Index (MSI), where the author tries to quantify the ROSI of doing business in a particular part of the world or another, but the annecdotal bits are great. I have a much better understanding of why my own company has had such an odd experience doing business in Europe.

If you are an American and you have an IT security position with a company doing business in the wider world ( and who doesn't) then I recommend this book. I also recommend a movie called the Coca Cola Kid. It is a bit off color, but it can really help explain why we make the mistakes we make.
2 of 2 people found the following review helpful
Excellent resource for doing global information security May 31 2005
By Ben Rothke - Published on
Format: Paperback
Creating an effective information security infrastructure for a large multi-national company is a challenge. Above and beyond the technology, the software, and the hardware, there are non-tangibles, specificially the cultures and laws where the security solutions, people, and technology will be deployed. Deploying technology without considering the local environment and culture is a sure-fire way to undermine a project.

Today's technology infrastructure is getting more and more complex. Companies are more global with more porous borders. Outsourcing is increasing dramatically, creating an additional need to understand the cultures in the remote locations.

Given all that, Mapping Security: The Corporate Security Sourcebook for Today's Global Economy is a valuable guidebook to deploying information security outside of the United States. Author Tom Patterson is a former Big 4 Information Security partner whose job responsibilities saw him living abroad for much of his adult life. The book is not so much a network security title, but rather a guide to performing the business of security across various cultural and physical borders. Mapping Security is management-level source book for companies and organizations that do - or plan to do - business outside of the United States. Patterson takes his years of living abroad, his successes and his failures, his war stories, and his challenges, and maps them into a usable framework so the reader can better deploy an information security program.

In the book, Patterson details the various opportunities and challenges in each geographic sector across the globe and provides security best practices, rules, and customs for 30 countries. Patterson does a good job of explaining how and where Americans are often perceived to be arrogant by having a overly U.S.-centric view of things.

The book is divided in three parts. Part 1 details the manner in which an effective information security infrastructure can be developed. Chapters 1 through 7 show the necessary steps to building an effective security culture. The book, especially Part 1, is focused not so much on specific technology but rather the processes in which to develop such a security infrastructure.

The heart of the book is in Part 2 where Patterson details his Mapping Security Index (MSI). The function of the MSI is to provide the reader with a metric to determine how an organization can perform security functions in a different country. The book has an MSI for 30 countries, but it does not detail every country, only those where U.S.organizations are likely to do business.

Peterson's expertise comes from living abroad extensively and bringing to the table how business should be done in whatever country you are dealing with. Two of the countries with the highest MSI are Netherlands (90) and Canada (93), with Russia (26) and Saudi Arabia (32) at the bottom. The main advantages of the Netherlands and Canada are that they both have a safe, stable, and effective infrastructure in which to build an information security organization.

Russia, on the other hand, while having a strong technical outsourcing potential has a legal and technical infrastructure that is significantly lacking. Additionally, most other business services are not yet on par with the rest of the region. As to Saudi Arabia, Patterson notes that while it provides a growing domestic marketing, it is an extremely difficult security partner to deal with and has very little cross-border activity. There is extremely little opportunity for women when it comes to the region. He notes that it is practically impossible for women to do business there and observes that "surrendering gender equity is simply the cost of doing business in Saudi Arabia".

Part 3 of the book deals with that challenge of mapping various laws and regulations from different countries. Part of the challenge and headache is dealing with laws from different countries that are contradictory. For example, one country might require an organization to capture and report customer information, while another country forbids it. The question becomes whose law do you break? That is not an easy question to answer, but it is one that needs to be considered.

The author notes that security standards and regulations are the biggest drivers for security around the world and a misstep in dealing with regulations can create the scenario where one could face business impairments, fines, or even prison.

Overall, Mapping Security: The Corporate Security Sourcebook for Today's Global Economy is a very valuable reference guide for anyone who needs to deal with information security in different countries and cultures. By relating security to the international community, the book enables the reader to avoid making those mistakes that can sink a security project.

Patterson has a keen business insight, and the book provides many of his war stories (from illegal barbeques in Germany to an innocuous racial fax paus in South Africa). The book is not overly technical in nature and is both entertaining and informative. For anyone that plans to deploy security outside of the United States Mapping Security should be required reading.
2 of 2 people found the following review helpful
Well-written exec level book with unique prospective April 13 2005
By Dr Anton Chuvakin - Published on
Format: Paperback
This weird little book turned out to be a real gem! While good books on security for senior executives have been popping up in recent times, this one gives a unique prospective on security, tying it to the international nature of modern security landscape. Security is international not only because attackers might be camping anywhere on the globe, but also because of transnational nature of large companies, foreign customers or partners, outsourcing and other matters.

The first, relatively brief part of the book gives a very nice high-level overview of security. Again, while it might sound boring to some, it is actually written in an enjoyable style with lots of examples and fun quotes from various CSOs. My favorite section here is called "Developing Radar'. It covers the process of building awareness of your security environment, through monitoring and auditing of system and user activity. Of course, the book is full of regulatory compliance as well as various ROI (ROSI) scenarios.

The remainder of the book goes country by country and talks about various elements of security and regulatory environment as well as computes an overall score (MSI) for each country. The info is highlighted by various examples of doing business in those countries.

Overall, while the book is definitely for a senior crown, many security professional will benefit from it but getting author's unique prospective on cross-border security. I did enjoy the book without being a CEO...

Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA is a Security Strategist with a major security company. He is an author of the book "Security Warrior" and a contributor to "Know Your Enemy II". In his spare time, he maintains his security portal