Information Security Bulletin

Enterprise Security Architecture: A Business-Driven Approach

11 Nov 01:20

Security architecture theory and practice are brought together in a new book for IT business managers. Enterprise Security Architecture: A Business Driven Approach by top independent information security experts John Sherwood, Andy Clark and David Lynas, provides a much-needed generic framework to develop solutions that can be unique for individual enterprises.

Welcomed by system architects who for years have struggled to achieve integrated security for individual businesses, the book marks a very significant advance in security architecture. "This birth-to-death treatment is unique and should be on every CIO, ICT infrastructure and application development directors' desk," said Professor Brian S Collins of Cranfield University and the British Computing Society.

Andy Clark, co-author and a director of digital forensics specialists Inforenz, explained: "Our book is intended for technical security personnel and business managers who have very real security issues to confront in their day-to-day business. It is designed as a tutorial and a reference tool and has examples of real business security solutions. To ensure that it is grounded in the real world, we have incorporated the varying perspectives of the main players in any business upon whom security architecture impinges."

Using key theoretical models and decades of combined practical experience, the authors have designed SABSA (Sherwood Applied Business Security Architecture), a generic model which can be used to develop unique solutions for any enterprise. Central to the framework is Business Attribute Profiling, a key step in capturing business requirements, defining measurement approaches and setting performance targets for information system risk management.

Enterprise Security Architecture: A Business Driven Approach by John Sherwood, Andy Clark and David Lynas is published by CMP Books and is available through Amazon.

[This is a MUST READ book for everybody in information assurance. It is an authoritative work describing a framework solidly anchored in business processes, into which ALL information, IT and general security problems and solutions will fit. It is the first, and so far only, work to provide a truly holistic model to design not just security but ASSURANCE. SABSA is THE framework into which all solutions should be put. A full-length review of the book will appear in one of the next ISBs, but don't wait - read the book before your colleague :-) --Ed].

Related links: (Open in a new window.)
www.amazon.com

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!