Building an Information Security Awareness Program and over 390,000 other books are available for Amazon Kindle � Amazon�s new wireless reading device. Learn more

Quantity:

Express Checkout with PayPhrase

What's this? | Create PayPhrase

More Buying Choices

24 used & new from $32.95

Have one to sell? Sell yours here

Share with Friends

Share your own customer images

Search inside this book

Start reading Building an Information Security Awareness Program on your Kindle in under a minute. Don�t have a Kindle? Get your Kindle here.

Building an Information Security Awareness Program (Paperback)

~ (Author) "The assumption here is, of course, that you are embarking on the creation of a program for a company with whom you have little or..." (more)
Key Phrases: information security awareness program, virus response team, company information assets, New York (more...)

3.0 out of 5 stars See all reviews (2 customer reviews)

List Price:	$78.95
Price:	$68.23 & this item ships for FREE with Super Saver Shipping. Details
You Save:	$10.72 (14%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Only 1 left in stock--order soon (more on the way).

Want it delivered Monday, December 28? Choose One-Day Shipping at checkout. Details

14 new from $32.95 10 used from $33.49

Formats		Amazon Price	New from	Used from
Kindle Edition $47.96 Available for download now. Published September 30, 2001	Kindle Edition, September 30, 2001	$47.96	--	--
Hardcover Published September 30, 2001	Hardcover, September 30, 2001	--	--	--
Paperback $68.23 In Stock. Published October 29, 2001	Paperback, October 29, 2001	$68.23	$32.95	$33.49

Customers Who Bought This Item Also Bought

CISSP Certification All-in-One Exam Guide, Fourth Edition

by Shon Harris

4.1 out of 5 stars (41) $50.39

CISO Leadership: Essential Principles for Success ((ISC)2 Press)

by Todd Fitzgerald

4.3 out of 5 stars (3) $59.16

› Explore similar items

Editorial Reviews

Product Description

In his latest book, a pre-eminent information security pundit confessed that he was wrong about the solutions to the problem of information security. It's not technology that's the solution, but the human factor-people. But even infosec policies and procedures are insufficient if employees don't know about them, or why they're important, or what can happen to them if they ignore them. The key, of course, is continuous awareness of the problems and the solutions.Building an Information Security Awareness Program addresses these concerns. A reference and self-study guide, it goes step-by-step through the methodology for developing, distributing, and monitoring an information security awareness program. It includes detailed instructions on determining what media to use and where to locate it, and it describes how to efficiently use outside sources to optimize the output of a small staff. The author stresses the importance of security and the entire organizations' role and responsibility in protecting it. He presents the material in a fashion that makes it easy for nontechnical staff members to grasp the concepts. These attributes render Building an Information Security Awareness Program an immensely valuable reference in the arsenal of the IS professional.

Product Details

Paperback: 272 pages
Publisher: AUERBACH; 1 edition (October 30, 2001)
Language: English
ISBN-10: 0849301165
ISBN-13: 978-0849301162
Product Dimensions: 9.9 x 7.1 x 0.8 inches
Shipping Weight: 1.3 pounds (View shipping rates and policies)

Average Customer Review: 3.0 out of 5 stars See all reviews (2 customer reviews)

Amazon.com Sales Rank: #1,899,888 in Books (See Bestsellers in Books)

Would you like to update product info or give feedback on images?

More About the Author

Discover books, learn about writers, read author blogs, and more.

› Visit Amazon's Mark B. Desman Page

Inside This Book (learn more)

First Sentence:
The assumption here is, of course, that you are embarking on the creation of a program for a company with whom you have little or no experience. Read the first page

Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
information security awareness program, virus response team, company information assets, corporate information assets, information security officer, information security professionals, documentation people, information security policies, antivirus product, documentation department, big gorilla

Key Phrases - Capitalized Phrases (CAPs): (learn more)
New York

New!
Books on Related Topics | Concordance | Text Stats

Citations (learn more)

This book cites 17 books:

Business Resumption Planning by Edward S. Devlin on page 72, and Back Matter
New Directions in Project Management (Best Practices) by Paul C. Tinnirello in Front Matter
Securing and Controlling Cisco Routers by Peter T. Davis in Front Matter
Computer Telephony Integration, Second Edition by William A. Yarberry Jr. in Front Matter
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition (Information Security) by Albert Marcella Jr. in Front Matter

See all 17 books this book cites

70 books cite this book:

Secure Internet Practices: Best Practices for Securing Systems in the Internet and e-Business Age by Patrick McBride on page 172, and Back Matter
Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages by Andy Jones in Front Matter, and page 566
Official (ISC)2� Guide to the CISSP�-ISSEP� CBK� by Susan Hansche CISSP in Front Matter
Public Key Infrastructure: Building Trusted Applications and Web Services by John R. Vacca in Front Matter
Investigator's Guide to Steganography by Gregory Kipper in Front Matter

See all 70 books citing this book

Books on Related Topics (learn more)

Official by Susan Hansche

Discusses:

The Security Risk Assessment Handbook by Douglas J. Landoll

Discusses:

Information Security Policies and Procedures by Thomas R. Peltier

Discusses:

The Ciso Handbook by Michael Gentile

Discusses:

What Do Customers Ultimately Buy After Viewing This Item?

	39% buy the item featured on this page: Building an Information Security Awareness Program 3.0 out of 5 stars (2) $68.23
	21% buy Inside the Security Mind: Making the Tough Decisions 4.4 out of 5 stars (15) $44.99
	20% buy Incident Response and Computer Forensics, Second Edition 4.6 out of 5 stars (30) $33.38
	11% buy Computer Security: 20 Things Every Employee Should Know (McGraw-Hill Professional Education) 4.7 out of 5 stars (21) $6.84

Explore similar items

Tags Customers Associate with This Product

(What's this?)

Click on a tag to find related items, discussions, and people.

awareness(1)

computer security(1)

it(1)

security(1)

Agree with these tags?

Customer Reviews

2 Reviews

5 star:		(0)
4 star:		(1)
3 star:		(0)
2 star:		(1)
1 star:		(0)

Average Customer Review

3.0 out of 5 stars (2 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

7 of 8 people found the following review helpful:

2.0 out of 5 stars Disappointing read, October 20, 2003

By	Dr. G. Hinson "NoticeBored.com" (New Zealand) - See all my reviews (REAL NAME)

Having read the cover blurb about this being a cookbook with step-by-step methods and techniques, I bought "Building an Information Security Awareness Program" with high hopes of learning some practical tips for planning and running a security awareness program. Unfortunately, I struggled to find anything of much value.

There are two main reasons that led me to this conclusion. Firstly, the book focuses primarily on information security rather than security awareness per se. The book is written in the sense of giving sage advice to someone who has recently joined a fairly large company as Chief Information Security Officer rather than Head of Information Security Awareness. A selection of awareness topics are covered, of course, but it is almost as if these aspects have been added on to the main text about information security. One could argue that somebody new to security awareness might not have the grounding in information security and would need to learn more. The coverage in this book is so unstructured and incomplete, however, that it cannot honestly be recommended as a primer either on information security or on security awareness.

Secondly, and by far the biggest barrier to understanding, is the author's consistently bad writing style. Others have described it as "chatty" - excessively wordy and turgid are closer to the truth. Grammatical and punctuation errors do not help. There are sentences on virtually every page that are so convoluted and obscure that all meaning is lost. This is somewhat ironic given the author's insistence that security awareness materials should be written "for 9th graders". The text often meanders into side topics and then loses its way in the detail. A good editor should have pruned these asides `back to the green wood' in order to maintain the flow of the text. Indeed, it is entirely possible that the editor's red pen has already trimmed out a lot of dead branches, but I kept wishing that more savage cuts had been made. The author clearly has strong feelings about certain pet hates. He attacks concepts such as organizational culture, for example, in cynical language ("idealistic mumbo jumbo" is one choice phrase!). Highly biased coverage of statistics in Chapter 18, probably the worst chapter in the book, completely undermines the author's otherwise good points about the need to measure an awareness program.

That said, the book will remain on my bookshelf because of the useful chapter summaries and a handful of good ideas that surfaced from the text. I liked the suggestion to interview managers to explore their security priorities, thereby drawing them into the awareness program. Gathering and sifting through pre-existing security awareness materials seems well worthwhile. As an ex-auditor, I appreciated the emphasis on working with the auditors to address their information security concerns. So there we are, the book's best parts covered in three short sentences. If only the author had been so succinct.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

4 of 7 people found the following review helpful:

4.0 out of 5 stars Excellent info, tone too chatty, April 12, 2002

By	"vraptorz" (Issaquah, WA United States) - See all my reviews

This book has great information for the person who has been tasked with creating an Information Security Awareness program at a business which has never previously had one. Good tips on developing Info Security policies, and getting management backing for the policies and awareness program. It would be a great tool for someone wanting to learn how to assess the corporate culture of a new job, if you're not a people person. The only quibble I have is the tone is way too chatty and informal, which gets annoying at times. But well worth the read!

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

Share your thoughts with other customers: Create your own review

› See all 2 customer reviews...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }