Chapter 3. Information Security and Risk Management
This chapter presents the following:
Security management responsibilities
Difference between administrative, technical, and physical controls
Three main security principles
Risk management and risk analysis
We hear about viruses causing millions of dollars in damages, hackers from other countries capturing credit card information from financial institutions, web sites of large corporations and governments being defaced for political reasons, and hackers being caught and sent to jail. These are the more exciting aspects of computer security, but realistically these activities are not what the average corporation or security professional ...