This book was designed, and is intended to be used, as both a digital and an analogue (that is, dual online and hardcopy) resource. The speed of evolution in computing and of the internet means that any book on information security starts going out of date fairly quickly. On top of that, there is a six- to eight-month gap between completing the text of a hard-covered book and its publication. This inevitably means that many technologies that were new, new-ish but inadequately tested, or still only dreams at the point I completed the text could not be included in the analogue version of this book. The reader should therefore assume, from the outset, that the KnowledgeBank at www.itgovernance.co.uk is essential and should use it on a regular basis in order to access the most current information on the issues covered in this book.
This book tells you what you need to do – or ensure you have done – to secure your information systems and assets. It also tells you why you need to tackle each of the recommended actions, so that you can clearly understand the consequences of both action and inaction. The book doesn’t tell you, screen by screen, how to implement any of the recommended controls; there are plenty of big, fat books out there that already do this, operating system by operating system (for example, Windows 95, 98, 2000, NT 4.0, Windows XP, Server 2003) and version by version. Because you only run one system, you only need a small bit of the information in each book. You don’t need to be able to implement controls in a wide range of systems, as long as you can implement them in the one you actually run. This book gives you, in one set of covers, everything you need to know about the what and the why: enough for you to ensure that a trained IT person actually does what you need done.
About the Author
Alan Calder, founder director of IT Governance Ltd, led one of the first organizations to achieve BS7799. His 30-year international management career, at CEO and director level in both the private and public sectors, has increasingly focused on the challenge of making information security as simple and as natural as household security. He is the author of IT Governance and Corporate Governance (both published by Kogan Page).