The Business Case for Network Security: Advocacy, Governance, and ROI.

****# The Business Case for Network Security: Advocacy, Governance, and ROI. By Catherine Paquet and Warren Saxe; published by Cisco Press, www.ciscopress.com (Web); 408 pages; $39.95.

Convincing executive management of the merits of a stable and secure network infrastructure is a difficult and ongoing battle for IT managers. The battle intensifies when it comes time to fund network security initiatives. IT managers must become adept advocates for such programs, so they must be proficient at demonstrating that network security is a crucial concern and that spending is necessary. A good companion for this task is The Business Case for Network Security, which helps IT security professionals assess their organization's risks and quantify costs and cost savings related to investments in network security.

Authors Catherine Paquet and Warren Saxe offer excellent direction for creating and delivering a security proposal to executive management. Readers learn to use established financial-analysis methods such as net present value, internal rate of return, and payback period, and they are introduced to a concept developed by the authors--return on prevention, a tool used to determine the value of a proposed security expenditure. By educating readers on these concepts, the authors make their audience more fluent in the language of business leaders.
The authors' solid framework for creating a policy-and-procedure-based structure for network security and their adept presentation of material make this book valuable for IT managers, security practitioners, and consultants alike.

Reviewer: Nick Vellani, CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), is a senior associate in the Business Advisory Services/Technical Risk Management Practice at accounting firm Grant Thornton in Houston. He holds an MBA from Houston Baptist University.

Stars denote reviewer ratings, with ***** being the highest and ##### the lowest.