Mission-Critical Security Planner and over one million other books are available for Amazon Kindle. Learn more
CDN$ 41.37
  • List Price: CDN$ 65.99
  • You Save: CDN$ 24.62 (37%)
Usually ships within 3 to 5 weeks.
Ships from and sold by Amazon.ca.
Gift-wrap available.
Quantity:1
Add to Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Mission-Critical Security Planner: When Hackers Won't Take No for an Answer Paperback – Jan 20 2003


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
Paperback
"Please retry"
CDN$ 41.37
CDN$ 6.42 CDN$ 1.56

Join Amazon Student in Canada


NO_CONTENT_IN_FEATURE

Product Details

  • Paperback: 432 pages
  • Publisher: Wiley; 1 edition (Jan. 20 2003)
  • Language: English
  • ISBN-10: 0471211656
  • ISBN-13: 978-0471211655
  • Product Dimensions: 24 x 19 x 2 cm
  • Shipping Weight: 662 g
  • Average Customer Review: 4.9 out of 5 stars  See all reviews (8 customer reviews)
  • Amazon Bestsellers Rank: #2,817,417 in Books (See Top 100 in Books)
  • See Complete Table of Contents


Inside This Book (Learn More)
First Sentence
Security isn't a product, a feature, or anything that we can simply acquire and then implement, confident that it will work now and forever after. Read the first page
Explore More
Concordance
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

4.9 out of 5 stars
5 star
7
4 star
1
3 star
0
2 star
0
1 star
0
See all 8 customer reviews
Share your thoughts with other customers

Most helpful customer reviews

By Mike Tarrani TOP 1000 REVIEWER on March 20 2004
Format: Paperback
This book, especially if used in conjunction with the author's web site (see ASIN B0000C7RBX), is one of the most valuable additions to the IT security profession that I've read. My reasons for making this bold statement include:
- The book provides a coherent and focused approach to developing and implementing a security plan. You can find numerous books on writing and implementing policies and procedures, or establishing a security posture, but this is the first book I've read that steps you through the process of conceiving, implementing and keeping alive a viable security plan.
- By separating the process into three distinct domains (referred to as 'stacks') you ensure that your plan encompasses and integrates the technology, process and business elements into a coherent strategy.
- Artifacts in the form of a complete set of worksheets provide a set of tools that give a framework and speed up the planning process.
The planning approach set forth in the book is straightforward and realistic - you're led through the preliminaries, which includes conceiving a plan that matches your needs, and selling the plan to sponsors (an often overlooked, but essential activity when fighting for budget). The next step is to perform an impact analysis, and this is where the book shines, because the author focuses on business issues instead of technology. This promotes awareness and goes a long way towards getting buy-in and funding, as well as laying a solid foundation for a long-term security plan. Next the author shows how to select the correct security model and avoid common pitfalls. These lead to building organizational consensus - buy-in from all stakeholders.
Read more ›
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
The truth is, hackers and other attackers won't take no for an answer, and while there is absolutely no way to stop attackers from trying; there are ways to stop them in their tracks.

With that, Mission-Critical Security Planner is a surprisingly good book, aimed at someone looking to start developing their information security infrastructure. Rather than having to reinvent the wheel, the book provides planners with the framework and tools they need to create their information security infrastructure.
One good feature of the book it is large collection of templates and worksheets on various security elements. .../
The book is not overly technical and is quite good for those who need to get their security group up and running in a short timeframe.
For those that are serious about security, they will find that Mission-Critical Security Planner is like a cookbook. They can use it to prepare their security as needed.
Overall, Mission-Critical Security Planner is a very readable and useful book. Those who have an imperative to get their security groups up and running will find huge value in the book immediately.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
It is very rarely, that you'd see a good high-level security book nowadays. There are lots of great "worm-eye view" books with nice detailed descriptions of attacks, defenses, secure configuration options, tools and tricks. However, many of the high-level books resolve to quoting some outdated CSI/FBI survey, blabbering about security policy and giving out piles of outworldly advice on how to "mitigate risks".
This visionary book proves the opposite: you can have a high-level security book, which is not just practical, but actionable. "Mission Critical Security Planner" delivers a portion of the security process, packed into one toolkit. Make no mistake - this book is about planning how to do security, not how to tweak your scanner or configure a firewall. However, planning is indeed a critical (and, as the author points out, often missing) piece of security conundrum, and the book delivers on that.
An awesome component of the book is a large collection of templates and worksheets on "selling" security measures, planning the implementations, organizing security team, dealing with various business people and many other occasions. The book has the printed versions while its companion website criticalsecurity.com has the download.
The main part of the book is organized around "security fundamentals", large domains of security (such as authentication, encryption, integrity, privacy, etc), which are used to structure the security planning process, described by the author.
Read more ›
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
In Mission-Critical Security Planner, Greenberg lays out all the security elements that should concern you and what questions you should ask about them. With this book, half the battle is won because you at least know how to do the planning. You still have to do the planning, but with the worksheets and tips provided in the book, that will be much easier than it used to be.
I read the book twice: once to get an idea of what all the worksheets were about and once to really read them with all the technical and practical details provided by Greenberg.
Greenberg identifies 28 security elements, including 15 fundamental elements, (six of which are core elements), and 13 wrap-up elements. Core elements include things like authorization and access control, authentication, encryption, integrity, nonrepudiation, and privacy. Those may seem obvious, but Greenberg has a lot of useful things to say about them that others haven't said.
Perhaps the most valuable part of the book is all the other elements, which we tend to forget, including addressing and routing (with tips on how to get those right from a security point of view), configuration management, directory services, time services, staff management, legal issues, and so on.
I'd be interested to see some projects get implemented with Greenberg's methods. I think it should work quite well, although due to entropy, laziness, over-worked engineers, and other such factors, I would guess that some of the numerous worksheets will fall by the wayside. But I think Greenberg would be OK with that as long as most of the worksheets are maintained and the company adopts security as a way of thinking.
In summary, this book is definitely worth reading, probably numerous times!
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.


Feedback