Information Security: Protecting the Global Enterprise

naturally, since i am mentioned in this book, i must say that i am pleased. God bless you, author. God bless you.

Information Security: Protecting the Global Enterprise is a very good guide to those looking for a management level introduction into the core concepts of information security.Pipkin writes in an easy to understand style without a lot of arcane acronyms or techno speak. The book has a good step-by-step approach and is a very good starting point for those looking to design their information systems security architecture. The book is a great place to start ones security roadmap and initiative and as a launching point for more in depth work.

This is a very good book for IT people expand their security scope into enterprise level. Some other books take more an auditor's view, this one provides structures and practices just enough for IT people. Unless your organization need a BS7799 certification, this is the book you need to read through.

Pipkin's book is a nice guide to strategic information security. Don't expect buffer overflows, connection hijacking, or any other topics covered at Defcon -- this one's for planning and implementing corporate-wide security.It could be used as a step-by-step walk through for an IT or security manager on his/her foray into managing large-scale security. Heck, that's what I'm doing, and I'm following this book cover to cover.What are this book's strengths?Well, I particularly like the step-by-step approach. It carves the mammoth task into smaller, more manageable chunks. It lets me see where I'm going, and it helps me to decide how deeply I want to delve into each subject. Someone could easily spend months or longer on the first chapter about assessing value. Seeing the whole process gives me some perspective on where I need to spend the most time, and what kind of resources I'm going to need to plan and implement this security plan.What do I wish was different? Well, the outlines are a bit sparse sometimes. The book is really good at giving structure to this whole process, but it doesn't give too many details on how to go about accomplishing each and every task. I hesistate to call this a failing, however, because it's just -too- complex. I think the book is about as specific as it could be, given its high-level strategic approach. I'm using this book as my roadmap, and searching out much more in-depth information as it becomes necessary.In short, this book is a very welcome addition to my bookshelf. I'd recommend it to anyone responsible for information security.

Information Security is a must have for anyone involved with computer security. I realized that I've been securing computer systems by focusing on the 3-As (authentication, authorization and audit). This book describes 10 attributes of information security that have to be addressed. It has opened my eyes to areas of security that I had overlooked.