or
Sign in to turn on 1-Click ordering.
or
Amazon Prime Free Trial required. Sign up when you check out. Learn More
Sell Back Your Copy
For a $5.72 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Managing an Information Security and Privacy Awareness and Training Program, Second Edition
 
 
Share your own customer images
Search inside this book
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Managing an Information Security and Privacy Awareness and Training Program, Second Edition [Hardcover]

Rebecca Herold (Author)
4.8 out of 5 stars  See all reviews (9 customer reviews) |
List Price: $79.95
Price: $67.58 & this item ships for FREE with Super Saver Shipping. Details
You Save: $12.37 (15%)
  Special Offers Available
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.
Only 7 left in stock--order soon (more on the way).
Want it delivered Friday, June 1? Choose One-Day Shipping at checkout. Details
Textbook Student FREE Two-Day Shipping for students on millions of items. Learn more

Formats

 Amazon Price New from Used from
Hardcover $67.58   -- --

Book Description

Publication Date: August 24, 2010 | ISBN-10: 1439815453 | ISBN-13: 978-1439815458 | Edition: 2

Starting with the inception of an education program and progressing through its development, implementation, delivery, and evaluation, Managing an Information Security and Privacy Awareness and Training Program, Second Edition provides authoritative coverage of nearly everything needed to create an effective training program that is compliant with applicable laws, regulations, and policies. Written by Rebecca Herold, a well-respected information security and privacy expert named one of the "Best Privacy Advisers in the World" multiple times by Computerworld magazine as well as a "Top 13 Influencer in IT Security" by IT Security Magazine, the text supplies a proven framework for creating an awareness and training program. It also:

  • Lists the laws and associated excerpts of the specific passages that require training and awareness
  • Contains a plethora of forms, examples, and samples in the book’s 22 appendices
  • Highlights common mistakes that many organizations make
  • Directs readers to additional resources for more specialized information
  • Includes 250 awareness activities ideas and 42 helpful tips for trainers

Complete with case studies and examples from a range of businesses and industries, this all-in-one resource provides the holistic and practical understanding needed to identify and implement the training and awareness methods best suited to, and most effective for, your organization.

Praise for:

The first edition was outstanding. The new second edition is even better ... the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly..
—NoticeBored.com

Special Offers and Product Promotions

  • Buy $50 in qualifying physical textbooks, get $2 in Amazon MP3 Credit. Here's how (restrictions apply)

Frequently Bought Together

Managing an Information Security and Privacy Awareness and Training Program, Second Edition + Managing the Human Factor in Information Security: How to win over staff and influence business managers + Security Risk Management: Building an Information Security Risk Management Program from the Ground Up
Price For All Three: $150.37

Show availability and shipping details

Buy the selected items together

Editorial Reviews

Review

The first edition was outstanding. The new second edition is even better - an excellent textbook packed with sound advice and loads of tips to make your security awareness program pull its weight.… engaging and stimulating, easy to read yet at the same time thought-provoking. … chock-full of good ideas, not just theoretical concepts but solid practical advice that can be put to use immediately. A side effect is that there are lots of lists, tables and bullet points but they are well structured and succinctly summarize the key points. …an excellent reference text. Extensive appendices (130 pages) include sample awareness materials and plans, a security glossary, various checklist/questionnaires and references. This is the definitive and indispensable guide for information security and privacy awareness and training professionals, worth every cent. As with the first edition, we recommend it unreservedly.
—NoticeBored.com

This book is remarkable because it covers in detail all the facets of providing effective security awareness training…I can, without reservation, recommend use of this book to any organization faced with the need to develop a successful training and awareness program. It surely provides everything you need to know to create a real winner.
—Hal Tipton, from the Foreword

Rebecca Herold has the answers in her definitive book on everything everybody needs to know about how to impart security awareness, training, and motivation. Motivation had been missing from the information security lexicon until Herold put it there in most thorough and effective ways … She demonstrates that security must become a part of job performance rather than being in conflict with job performance… The power of this book also lies in applying real education theory, methods, and practice to teaching security awareness and training … After reading this book, there is no question about the necessary and important roles of security awareness, training, and motivation.
—Donn B. Parker, CISSP, from the Preface

Rebecca Herold, an independent computer security advisor, knows privacy. Not all security consultants do. In her latest book, Managing an Information Security and Privacy Awareness and Training Program, Herold has collected her best advice.
—Privacy Journal

… perfect for lay and professional audiences, this is a guide not for implementing technical necessities but for getting everybody in an organization on board.
—Journal of Productive Innovation

About the Author

Rebecca Herold, LLC, Van Meter, Iowa, USA

Product Details

  • Hardcover: 568 pages
  • Publisher: CRC Press; 2 edition (August 24, 2010)
  • Language: English
  • ISBN-10: 1439815453
  • ISBN-13: 978-1439815458
  • Product Dimensions: 9.3 x 6.1 x 1.3 inches
  • Shipping Weight: 2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.8 out of 5 stars  See all reviews (9 customer reviews)
  • Amazon Best Sellers Rank: #922,599 in Books (See Top 100 in Books)

    •  Would you like to update product info or give feedback on images?

More About the Author

Visit Amazon's Rebecca Herold Page
Rebecca Herold
See my business website at: http://www.privacyprofessor.com
Follow me on Twitter at: http://twitter.com/privacyprof
Find me on LinkedIn at: http://www.linkedin.com/in/rebeccaherold
Follow my blog at: http://www.realtime-itcompliance.com

Customer Reviews

3 star
0
2 star
0
1 star
0
Most Helpful Customer Reviews
20 of 20 people found the following review helpful
Format:Hardcover
I'll begin by saying that I have two broad comments about Ms. Herold's new book, Managing an Information Security and Privacy Awareness and Training Program. First, it may be the definitive book on the topic and seems to have enough meat to be the definitive book on the practice of information security in general. It approaches the profession in the right way: people-oriented. That is rare and important. Second, I actually read it from cover to cover - a rare thing for me. Professional books usually find their ways to my reference library and are used mostly for that purpose, not for general reading.

In the over twenty years I have been in the information security profession I have seen a lot of approaches to managing the security of organizational information. There is one common thread that ties all of those approaches together. The successful ones address the people who use and manage that information. Technology simply is a collection of tools to assist the information assurance manager with the task. It has been said that there are management solutions to technical problems but no technical issues to management problems. Ms. Herold addresses this homily head-on and does it with style, personality and skill.

Her experience shows as does the commentary from two icons in our profession, Donn Parker and Hal Tipton. If you have any questions about whether you should buy this book, read their comments in the Preface and Forward.

I have known Becky for many years and I respect her skill, experience and ability to present important issues clearly, concisely and understandably. Her latest book does all that and more.

If I was told that I was moving to a new office and could take only two boxes of books with me from my library, I would fill both with technical books but I would leave space for the only two general books on information assurance I will ever need. One is "The Computer Security Handbook" edited by my good friend and long-time colleague Dr. Mich Kabay. The other would have to be "Managing an Information Security and Privacy Awareness and Training Program". It would take more than the two boxes to cover technical issues in security, but I could put Mich's and Becky's books in my brief case. Then I would have the perfect security library.

This book is highly recommended for any information assurance professional (or aspiring professional), manager with information assurance responsibilities, or training coordinator. I'm sure there are others who need this new offering as well, but Amazon only allows so much space for these reviews. I also will be highly recommend this book to our students in the MSIA program at Norwich.

Peter R. Stephenson, PhD, CISSP, CISM, FICAF

Associate Program Director, MSIA

Norwich University
Comment | 
Was this review helpful to you?
8 of 8 people found the following review helpful
Format:Hardcover
Managing an Information Security and Privacy Awareness and Training Program is without a doubt the definitive reference on creating an information security awareness program

Behind most information security problems are users who are untrained in security or unaware of the security risks. Millions of dollars of firewalls and cryptography can be bypassed by an unaware end-user.

Managing an Information Security and Privacy Awareness and Training Program is a tremendous book that can be used as a foundation for an effective and comprehensive information security awareness program.

The book contains the fundamental and metrics of why you need an awareness program, and everything you need to set up such a program.

The book is filled with good and advice and direction. Chapter 14 contains 143 methods for effective awareness. The other chapters provide equally effective information and advice.

At 500 pages, this book contains everything you need to know about creating and setting up an effective awareness program and is highly recommended.
Comment | 
Was this review helpful to you?
7 of 7 people found the following review helpful
Format:Hardcover|Amazon Verified Purchase
If your organization is considering a security or privacy awareness program, this book will pay for itself many times over. I am not aware of any other resource that includes this much material about the art and science of awareness and training. Although this book is over 500 pages long, I found it easy to jump to specific chapters to get just the information I needed. The main chapters cover every aspect of program development including: planning, establishing a business case, budgeting, selling management, audience selection, material design and development, implementation, and measurement. Chapter 10 alone - which maps over 50 different awareness topics to various job roles - should save an organization thousands of dollars in program planning. And don't overlook the Appendices. Almost every sample form and worksheet you would need is available as an appendix. The assessment questionnaires alone should save dozens of hours of development. Definitely one of best security awareness investments your organization will ever make.
Comment | 
Was this review helpful to you?
Most Recent Customer Reviews
Learn How to Avoid Security Breaches with This Guide on InfoSec...
There is one individual who always has our security and privacy interests first and foremost: Rebecca Herold. Read more
Published 11 months ago by Debbie L
A MUST read!!
Rebecca Herold is one of the leading authorities and experts on privacy and information security awareness training. Read more
Published 13 months ago by Keith Mattox
Great resource for any information security awareness program
This book is a must-read for anyone building an information security awareness program. Ms. Herold lays out a fantastic game plan for security awareness for not only the sake of... Read more
Published 16 months ago by L. Brennan
A Definitive Roadmap to building a credible and sustainable...
In this work, Rebecca Herold deftly lays out a framework that is easy to follow and comprehensive. She has skilfully managed to compile material that would otherwise take a... Read more
Published on April 25, 2008 by Randolph J Waugh, I.S.P. ITILF CNP CISSP
Good, but too long
I am not a friend nor acquaintance of Ms. Herold. I believe this is a good book on Awareness Training and would recommend it to professionals in that field and to security... Read more
Published on January 14, 2006 by F. Scholl
Indispensable
Rebecca Herold introduces her own book very eloquently: "I wrote this book to provide a starting point and an all-in-one resource for information security and privacy education... Read more
Published on January 1, 2006 by Dr. G. Hinson
Search Customer Reviews
Only search this product's reviews
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Search Inside This Book:
Inside This Book (learn more)
Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Search Inside This Book:

Tags Customers Associate with This Product

 (What's this?)
Click on a tag to find related items, discussions, and people.
 
(1)
(1)
Agree with these tags?

Your tags: Add your first tag
 
See most popular tags

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
 


Active discussions in related forums
Search Customer Discussions
Search all Amazon discussions
   
Related forums

So You'd Like to...


Create a guide

Look for Similar Items by Category

Look for Similar Items by Subject

Search Books by subject:



















i.e., each book must be in subject 1 AND subject 2 AND ...