This must-have book by Leron Zinatullin considers information security from differing viewpoints in order to gain insight into security issues relating to human behavior, helping security professionals understand how a security culture that contextualizes risk promotes compliance.
Based on insights gained from academic research as well as interviews with security professionals from various sectors, this ITGP book explains the importance of careful risk management and how to align a security program with wider business objectives.
What others have said…
Based on real world examples, the book provides valuable insights into the relationship of information security, compliance, business economics, and decision theory. Drawing on interdisciplinary studies, commentary from the field, and his own research, Leron gives the reader the necessary background and practical tools to drive improvements in their own information security program.
Daniel Schatz, Director of Threat & Vulnerability Management at Thomson Reuters
This book cuts to the heart of many of the challenges in risk management, providing advice and tips from interviews as well as models that can be employed easily. Leron manages to do this without being patronizing or prescriptive, making it an easy read with some very real practical takeaways.
Thom Langford, Chief Information Security Officer at Publicis Groupe