Mission-Critical Security Planner and over one million other books are available for Amazon Kindle. Learn more
Buy New
$39.50
Qty:1
  • List Price: $55.00
  • Save: $15.50 (28%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Add to Cart
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Mission-Critical Security Planner: When Hackers Won't Take No for an Answer Paperback – January 20, 2003

ISBN-13: 978-0471211655 ISBN-10: 0471211656 Edition: 1st

Buy New
Price: $39.50
50 New from $5.21 37 Used from $0.01 1 Collectible from $10.00
Amazon Price New from Used from
eTextbook
"Please retry"
Paperback
"Please retry"
$39.50
$5.21 $0.01

Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


NO_CONTENT_IN_FEATURE

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 432 pages
  • Publisher: Wiley; 1 edition (January 20, 2003)
  • Language: English
  • ISBN-10: 0471211656
  • ISBN-13: 978-0471211655
  • Product Dimensions: 9.4 x 7.5 x 0.8 inches
  • Shipping Weight: 1.5 pounds (View shipping rates and policies)
  • Average Customer Review: 4.9 out of 5 stars  See all reviews (9 customer reviews)
  • Amazon Best Sellers Rank: #4,057,169 in Books (See Top 100 in Books)

Editorial Reviews

Review

“…This book is unique in its approach…and in conveying the overall strategy to the reader…”(Managing Risk, Summer 2003)

From the Back Cover

All the worksheets and templates you need to create a complete customized security plan that works for your business

Let's face it: Security is a business problem, not just a technical challenge. Whether hackers simply want to test their skills or steal your data, they can-and will-do incalculable damage to your company. You need a solid plan. The good news is that Eric Greenberg has done most of the planning work for you.

This isn't just an "I told you so" book. You get hands-on involvement from the start. You'll see your own customized security plan template begin to take shape as you complete the accompanying worksheets. Choose any one of the security plans outlined in this book, and you will be able to protect your data and deter hackers. And by implementing the proven strategies Greenberg details, you can secure your company's competitive edge for the long term.

Backed up by solid business planning methods collected from years of experience, Greenberg:
* Steps you through a complete customized security improvement plan
* Provides worksheets at every stage that you can use to create a comprehensive and meaningful security plan
* Introduces practical risk management techniques to intelligently assess and manage the network security risks and costs facing your organization

The book's companion Web site contains the security planning template and all the worksheets in downloadable Microsoft Word format as well as additional resources to ensure that you have exactly what you need to protect your company.

More About the Author

Eric Greenberg has more than 25 years of groundbreaking Internet, security and IT experience as an executive, author, and consultant. Highlights of Eric's career include his role at Netscape where he led their security group managing the deployment of a range of pioneering technologies including the one used for nearly all security on the Internet today, the Secure Sockets Layer (SSL/TLS) protocol. As chief operating officer of Litronic, he prepared the company's identity management product and services for its successful IPO. At a key time in the growth of the Internet, as director of Engineering for Global SprintLink, Eric led the design and deployment of one of the largest international Internet networks of its time. He also served as vice president of IT Global Services at the Discovery Channel where he managed their worldwide voice, video delivery and data infrastructure.

Consulting with Fortune 500 clients, investors, defense and government customers, Eric has guided large-scale cutting-edge engagements in security, IT, open source intelligence and identity management. He has led mission-critical security efforts including the secure trading system used by the North American power industry to conduct more than $30 billion in online transactions.

Eric writes for leading industry magazines, serves on corporate advisory boards, is frequently quoted in leading media outlets.and is the author of two widely read books, Mission Critical Security Planner and Network Application Frameworks. He holds a Master's degree in Electrical Engineering from Cornell University and a Bachelor's degree in Electrical Engineering from the University of Maryland.

Customer Reviews

4.9 out of 5 stars
5 star
8
4 star
1
3 star
0
2 star
0
1 star
0
See all 9 customer reviews
Were the book really shines and that experience comes through is in realizing that security is not just about putting a lock on a door.
Amazon Customer
Security managers and CSOs will likely gain maximum benefits from using it (due to the book targeting), but other security professionals will benefit as well.
Dr Anton Chuvakin
My reasons for making this bold statement include: - The book provides a coherent and focused approach to developing and implementing a security plan.
Mike Tarrani

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By Dr Anton Chuvakin on May 6, 2003
Format: Paperback
It is very rarely, that you'd see a good high-level security book nowadays. There are lots of great "worm-eye view" books with nice detailed descriptions of attacks, defenses, secure configuration options, tools and tricks. However, many of the high-level books resolve to quoting some outdated CSI/FBI survey, blabbering about security policy and giving out piles of outworldly advice on how to "mitigate risks".
This visionary book proves the opposite: you can have a high-level security book, which is not just practical, but actionable. "Mission Critical Security Planner" delivers a portion of the security process, packed into one toolkit. Make no mistake - this book is about planning how to do security, not how to tweak your scanner or configure a firewall. However, planning is indeed a critical (and, as the author points out, often missing) piece of security conundrum, and the book delivers on that.
An awesome component of the book is a large collection of templates and worksheets on "selling" security measures, planning the implementations, organizing security team, dealing with various business people and many other occasions. The book has the printed versions while its companion website criticalsecurity.com has the download.
The main part of the book is organized around "security fundamentals", large domains of security (such as authentication, encryption, integrity, privacy, etc), which are used to structure the security planning process, described by the author.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 4 people found the following review helpful By Priscilla Oppenheimer on March 7, 2003
Format: Paperback Verified Purchase
In Mission-Critical Security Planner, Greenberg lays out all the security elements that should concern you and what questions you should ask about them. With this book, half the battle is won because you at least know how to do the planning. You still have to do the planning, but with the worksheets and tips provided in the book, that will be much easier than it used to be.
I read the book twice: once to get an idea of what all the worksheets were about and once to really read them with all the technical and practical details provided by Greenberg.
Greenberg identifies 28 security elements, including 15 fundamental elements, (six of which are core elements), and 13 wrap-up elements. Core elements include things like authorization and access control, authentication, encryption, integrity, nonrepudiation, and privacy. Those may seem obvious, but Greenberg has a lot of useful things to say about them that others haven't said.
Perhaps the most valuable part of the book is all the other elements, which we tend to forget, including addressing and routing (with tips on how to get those right from a security point of view), configuration management, directory services, time services, staff management, legal issues, and so on.
I'd be interested to see some projects get implemented with Greenberg's methods. I think it should work quite well, although due to entropy, laziness, over-worked engineers, and other such factors, I would guess that some of the numerous worksheets will fall by the wayside. But I think Greenberg would be OK with that as long as most of the worksheets are maintained and the company adopts security as a way of thinking.
In summary, this book is definitely worth reading, probably numerous times!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
3 of 3 people found the following review helpful By A Customer on February 22, 2003
Format: Paperback
Greenberg advocates an actionable, meaningful security approach that doesn't get hung up on methodology or reliance on abstract standards, like DoD and other common standards. The book skewers bureaucracies that believe planning and methodology is an end in itself, yet recognizes key business realities facing security advocates and suggests practical approaches to "selling security" within an organization -- an important topic given tight or shrinking budgets.
Greenberg is clearly a security guy and writes with experience and authority -- at times the style is conversational and humorous and at others professorial -- it is a good read for a security-focused text. While providing a strong overview of sound security planning and risk management concepts, MCSP also digs down and provides details where it counts regarding filters, proxies, IDS/VA, configuration management, content management (ActiveX, etc), and so forth yet consistently presents this low-level detail within the framework of an actionable security planning methodology that will be relevant five or even ten years from now. MCSP is anything but a security cookbook of technology discussions gleaned from public sources, although many basic concepts and topics are explained in the book's comprehensive glossary. Instead, the book presents the strengths and weaknesses of various technologies and approaches as they relate to the security improvement process.
MCSP utilizes a sequence of sophisticated worksheets to guide the reader through the security planning process and create a dynamic, actionable security plan -- not a plan that lives on the shelf.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Customer Images

Most Recent Customer Reviews

Search