Key Management Concepts
In This Chapter
Courting key concepts in information security management
Understanding the issues that concern security professionals
Learning the language of information security management
A fool with a tool is still a fool. The owner of a technology business once told this to his employees. Information technology and information security cannot succeed on tools alone but require business processes that manage their use.
This chapter is modeled after five of the ten categories in the Common Body of Knowledge (CBK) in the CISSP (Certified Information Systems Security Professional) certification. The five categories in this chapter are security management centric. The other five categories of the CISSP CBK are covered in Chapter 5.
For a deeper dive into the CISSP common body of knowledge, pick up a copy of CISSP For Dummies, 4th Edition.