Mapping Security: The Corporate Security Sourcebook for Today's Global Economy [Paperback]

Tom Patterson (Author), Scott Gleeson Blue (Author)

Book Description

Publication Date: December 24, 2004 | ISBN-10: 0321304527 | ISBN-13: 978-0321304520 | Edition: 1

This is a management-level book for companies and organizations that are (orwill be) doing business in more than one country. This distinction applies toincreasing numbers of corporations because remaining competitive dependsupon supply chains, customers, and outsourced operations that routinely mapacross the globe. Written in three sections, the book is designed to helpcompanies with security once they, or their extended organization, leave thecomfort of their home turf and encounter new rules, regulations, threats andcustoms. Mapping Security is woven together by the common goal of securebusiness in an entertaining and informative narrative style.

Editorial Reviews

From the Back Cover

Praise for Tom Patterson's Mapping Security

"Tom Patterson captures a compelling and practical view of security in a multinational environment. Your CSO needs to read this book!"

—Dr. Vint Cerf, senior vice president of Technology Strategy at MCI and founder of Internet Protocol (IP)

"The power of the Internet is that it's a global network, seamlessly crossing borders. But it also brings security risks that can cross borders just as easily. Patterson has more than a decade of first-hand experience in defending against such risks and it shows. He uses real-world examples and stories, many from his own career, and offers clear, action-oriented descriptions of the different threats and how to deal with them. This book avoids security jargon and speaks directly to businesspeople around the globe."

—Chris Anderson, Editor in Chief, Wired Magazine

Whether consumers or global giants, we all need to be spending a greater share of our budgets on security. The threats are greater than ever and increasing daily, and yet there is a challenge as to how to justify the expenditure. Mapping Security offers business-oriented and in-depth thinking on how and why to build security into the fabric of the organization. After reading Tom Patterson's book, you will want to make changes with a sense of urgency.

—John R Patrick, president of Attitude LLC and former vice president of Internet Technology at IBM Corporation

As companies of all sizes go global in their search for profit and growth, they will need to understand how to use security as a tool for success in different markets, and Mapping Security shows them how.

—Dr. Craig Fields, former director of Advanced Research Projects Agency (ARPA) for the U.S. Government

The Definitive Guide to Effective Security in Complex Global Markets

Companies are global today and have complex security supply chains, out-sourced operations, and customer relationships that span the world. Today, more than ever, companies must protect themselves against unprecedented threats, understand and adhere to a global mosaic of regulations, and leverage security to enable today's business realities. In Mapping Security, global security expert Tom Patterson shows how to meet these challenges by presenting security best practices, rules, and customs for virtually every country where you do business.

Writing for executives, business managers, security professionals, and consultants, Patterson offers an exceptionally thorough and authoritative briefing on today's global security realities. Using real-world examples, he shows how to change your approach to security as you move more deeply into global markets: how to resolve contradictions among the complex rules and customs you'll have to follow and how to customize security solutions for every market. Along the way, he introduces the Mapping Security Index (MSI), a powerful new metric for rapidly quantifying security risk associated with 30 key markets. Coverage includes

• How technology, mass globalization, and stricter accountability are forcing security to the core of the enterprise

• Six proven keys to defining and implementing global security strategies that work within today's budget realities

• Detailed country-by-country drill downs on security in Europe, the Middle East and Africa, the Americas, and the Asia-Pacific region

• Practical advice on what to do when laws collide

• Quantifying the security posture and associated risks of potential cross-border partners

• "On-the-ground" help: Indispensable local security resources

Visit www.MappingSecurity.com for Tom Patterson's latest updates and analysis, including the latest changes to the MSI country scores, and to participate in the Mapping Security Reader Forum.

© Copyright Pearson Education. All rights reserved.

About the Author

About the Author

Tom Patterson is a business advisor in the areas of security, commerce, and governance.

Patterson has been a successful international security and eCommerce partner at both KPMG and Deloitte, a strategy executive with IBM's Internet Division, and a director of security at MCC, Americas leading R&D consortium. Tom has been a board member of several public companies, has advised all three branches of the U.S. government on Internet and security policy, and is a trusted advisor to company executives around the world.

Patterson regularly comments on the security issues of the day for CNBC and other major media outlets. His track record of success in large scale eCommerce, with three separate projects that have each generated over 500 million dollars online, has him in demand as an author, public speaker, board member, and business advisor.

He currently resides in Pacific Palisades, California, with his wife and son. More information about the author is available at http://www.TPatterson.NET.

© Copyright Pearson Education. All rights reserved.

See all Editorial Reviews

Product Details

• Paperback: 432 pages
• Publisher: Addison-Wesley Professional; 1 edition (December 24, 2004)
• Language: English
• ISBN-10: 0321304527
• ISBN-13: 978-0321304520
• Product Dimensions: 9.2 x 7 x 0.8 inches
• Shipping Weight: 1.5 pounds (View shipping rates and policies)
• Average Customer Review: 4.6 out of 5 stars  See all reviews (16 customer reviews)
• Amazon Best Sellers Rank: #482,943 in Books (See Top 100 in Books)

More About the Author

Tom Patterson is the Chief Security Officer (CSO) for MagTek, Inc., the leading transaction technology provider to the financial industry around the world. Immediately prior to joining MagTek as CSO, Tom founded a public/private security outreach in concert with the Obama administration called National Security Grid, that aims to better secure the 'critical million' small businesses across America through coordination with FBI and intelligence community resources. Tom has had a long career in security, having worked on security for a space shuttle flight (STS-37), the maiden launch of a nuclear aircraft carrier (CVN-73), built industry leading security products (Net/Assure, CyberGuard firewall, TradeWave PKI), worked with the White House in the Middle East, run Deloitte's security business in Europe, Middle East, and Africa, was CSO at America's largest R&D consortium (MCC), built a startup internet company (Command) to $50 million in revenue, and served as IBM's Chief Strategist for Electronic Commerce. Tom is also the author of Mapping Security, the corporate security sourcebook for today's global economy (Addison-Wesley).

Customer Reviews

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

5.0 out of 5 stars Excellent resource for doing global information security, May 31, 2005

By 

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)   

This review is from: Mapping Security: The Corporate Security Sourcebook for Today's Global Economy (Paperback)

Creating an effective information security infrastructure for a large multi-national company is a challenge. Above and beyond the technology, the software, and the hardware, there are non-tangibles, specificially the cultures and laws where the security solutions, people, and technology will be deployed. Deploying technology without considering the local environment and culture is a sure-fire way to undermine a project.

Today's technology infrastructure is getting more and more complex. Companies are more global with more porous borders. Outsourcing is increasing dramatically, creating an additional need to understand the cultures in the remote locations.

Given all that, Mapping Security: The Corporate Security Sourcebook for Today's Global Economy is a valuable guidebook to deploying information security outside of the United States. Author Tom Patterson is a former Big 4 Information Security partner whose job responsibilities saw him living abroad for much of his adult life. The book is not so much a network security title, but rather a guide to performing the business of security across various cultural and physical borders. Mapping Security is management-level source book for companies and organizations that do - or plan to do - business outside of the United States. Patterson takes his years of living abroad, his successes and his failures, his war stories, and his challenges, and maps them into a usable framework so the reader can better deploy an information security program.

In the book, Patterson details the various opportunities and challenges in each geographic sector across the globe and provides security best practices, rules, and customs for 30 countries. Patterson does a good job of explaining how and where Americans are often perceived to be arrogant by having a overly U.S.-centric view of things.

The book is divided in three parts. Part 1 details the manner in which an effective information security infrastructure can be developed. Chapters 1 through 7 show the necessary steps to building an effective security culture. The book, especially Part 1, is focused not so much on specific technology but rather the processes in which to develop such a security infrastructure.

The heart of the book is in Part 2 where Patterson details his Mapping Security Index (MSI). The function of the MSI is to provide the reader with a metric to determine how an organization can perform security functions in a different country. The book has an MSI for 30 countries, but it does not detail every country, only those where U.S.organizations are likely to do business.

Peterson's expertise comes from living abroad extensively and bringing to the table how business should be done in whatever country you are dealing with. Two of the countries with the highest MSI are Netherlands (90) and Canada (93), with Russia (26) and Saudi Arabia (32) at the bottom. The main advantages of the Netherlands and Canada are that they both have a safe, stable, and effective infrastructure in which to build an information security organization.

Russia, on the other hand, while having a strong technical outsourcing potential has a legal and technical infrastructure that is significantly lacking. Additionally, most other business services are not yet on par with the rest of the region. As to Saudi Arabia, Patterson notes that while it provides a growing domestic marketing, it is an extremely difficult security partner to deal with and has very little cross-border activity. There is extremely little opportunity for women when it comes to the region. He notes that it is practically impossible for women to do business there and observes that "surrendering gender equity is simply the cost of doing business in Saudi Arabia".

Part 3 of the book deals with that challenge of mapping various laws and regulations from different countries. Part of the challenge and headache is dealing with laws from different countries that are contradictory. For example, one country might require an organization to capture and report customer information, while another country forbids it. The question becomes whose law do you break? That is not an easy question to answer, but it is one that needs to be considered.

The author notes that security standards and regulations are the biggest drivers for security around the world and a misstep in dealing with regulations can create the scenario where one could face business impairments, fines, or even prison.

Overall, Mapping Security: The Corporate Security Sourcebook for Today's Global Economy is a very valuable reference guide for anyone who needs to deal with information security in different countries and cultures. By relating security to the international community, the book enables the reader to avoid making those mistakes that can sink a security project.

Patterson has a keen business insight, and the book provides many of his war stories (from illegal barbeques in Germany to an innocuous racial fax paus in South Africa). The book is not overly technical in nature and is both entertaining and informative. For anyone that plans to deploy security outside of the United States Mapping Security should be required reading.

3 of 3 people found the following review helpful:

5.0 out of 5 stars Out of the ordinary census of international security, May 11, 2005

By 

Jack D. Herrington "engineer and author" (Silicon Valley, CA) - See all my reviews
(VINE VOICE)    (REAL NAME)   

This review is from: Mapping Security: The Corporate Security Sourcebook for Today's Global Economy (Paperback)

I'm really impressed by this book. It's a summarization of a lot of valuable research that you can find nowhere else. Which to me is the definition of a great book. The authors take us on a world tour and give us background on the security concerns in all of the different countries. It's fascinating, insightful and even funny at times. A must have for anyone doing applications business globally.

3 of 3 people found the following review helpful:

5.0 out of 5 stars Secure global ecommerce by Mapping Security, December 1, 2004

By 

R. Colby Mims "Program Director - large scale... (Palm Beach, FL USA) - See all my reviews
(REAL NAME)   

This review is from: Mapping Security: The Corporate Security Sourcebook for Today's Global Economy (Paperback)

From business executives who want and need to understand the complexities of securing global ecommerce, to consultants and sales people who support global companies, to analysts who evaluate these companies, this is a must read source book. While vast today, electronic commerce is growing very rapidly, and for many if not most companies, electronic commerce will determine success or failure. This book will not only help companies protect their investments in ecommerce, product, market and customer data, but it will also help map strategies for security as they expand to new markets.