Security Planning and Disaster Recovery - Softcover

About the Authors

Eric Maiwald is a Research Vice President with Gartner, Inc. where he focuses on enterprise security infrastructure and mobility technologies. Mr. Maiwald has over twenty years of experience in information security where has worked as a security officer and consultant for large financial institutions, healthcare providers, services firms, and manufacturers. He has extensive experience in the security field performing assessments, policy development, architecture design, and product implementations. Mr. Maiwald holds a Bachelors of Science in Electrical Engineering degree from Rensselaer Polytechnic Institute and a Masters of Engineering in Electrical Engineering from Stevens Institute of Technology and is a Certified Information Systems Security Professional. He is a named inventor on patent numbers 5,577,209, Apparatus and Method for Providing Multi-level Security for Communications among Computers and Terminals on a Network, 5,872,847, Using Trusted Associations to Establish Trust in a Computer Network, 5,940,591 Apparatus and Method for Providing Network Security, and 6,212,636 Method for Establishing Trust in a Computer Network via Association. Mr. Maiwald is a regular presenter at a number of well-known security conferences. He has also written Security Planning and Disaster Recovery (with William Sieglein), and Fundamentals of Network Security, both published by Osborne/McGraw-Hill and is a contributing author for Hacking Linux Exposed, and Hackers Challenge also published by Osborne/McGraw-Hill.

William Sieglein is the Manager of Enterprise Security Management Services for Fortrex Technologies. Williams INFOSEC experience is broad ranging and includes security assessments, security architecture development, security infrastructure planning, product evaluation and implementation, security program and policy development, security project management and security training & awareness development and delivery. Sieglein also was a consultant for 6 years with the technology consulting firm Booz Allen & Hamilton where he spent much of his tenure with the CIA where he lead a project to develop an agency-wide, comprehensive system security certification and accreditation (C&A) program. After completion of the program development Sieglin then lead several successful large-scale system C&A efforts. Sieglein also redesigned and taught the nationally accredited week-long computer security training course at the National Cryptologic School (NCS), Department of Defense (DoD) Security Institute, and the Defense Intelligence Agency (DIA).Prior to joining Booz Allen, Sieglein served 11 years as a systems analyst with the National Security Agency (NSA). Sieglein is a member of the Computer Security Institute and a frequent speaker at conferences and seminars for organizations such as the Regional Computer Forensics Group, American Society for Industrial Security and National Association of Credit Managers. He has appeared on the Business Security Talk radio program in the Washington, D.C. area and has been published in the Internet Security Advisor magazine.

From the Back Cover

Secrets and strategies for protecting your network before trouble strikes

Create and implement a successful security system and recovery plan with help from this insightful and practical resource. This detailed guide provides you with a complete roadmap for developing an effective end-to-end security program. You'll even discover numerous methods for proactively protecting your network before a security breach occurs saving you time, effort, and money in the long run. Covering the earliest phases of plan development, team organization and training, to technology deployment and incident recovery strategies, this book combines in-depth conceptual explanations with hands-on checklists at the end of every chapter. Definitive, authoritative, and up to date, this book is an invaluable tool in the ongoing and often challenging task of maintaining network security.

-Understand the laws and regulations affecting information security programs-Deploy new projects and technologies in a cost-effective manner-Define requirements and establish policies and procedures for your organization-Respond to incidents and disasters in a systematic fashion to minimize loss or damage to valuable data-Learn to identify, hire and keep security professionals and establish the reporting structure for the information security department-Introduce human controls, including staff awareness, to help improve security-Discover how audits and penetration tests can help in assessing risk-Assemble an incident response team and set priorities and goals for each member