Malcolm Harkins

This updated version describes, at a high level, the evolving enterprise security landscape and provides guidance for a management-level audience about how to manage and survive risk. While based primarily on the author’s experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies.

Managing Risk and Information Security provides thought leadership in the increasingly important area of enterprise… Show more

This updated version describes, at a high level, the evolving enterprise security landscape and provides guidance for a management-level audience about how to manage and survive risk. While based primarily on the author’s experience and insights at major companies where he has served as CISO and CSPO, the book also includes many examples from other well-known companies.

Managing Risk and Information Security provides thought leadership in the increasingly important area of enterprise information risk and security. It describes the changing risk environment and why a fresh approach to information security is needed. Because almost every aspect of an enterprise is now dependent on technology not only for internal operations but increasing as a part of product or service creation, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk.

This edition discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities and offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies—such as social media and the huge proliferation of Internet-enabled devices—while minimizing risk.
Show less

As a technological innovation creates new opportunities to collect, process and transfer personal information, the privacy risks associated with it grow exponentially. In today's information economy, successful IT Professionals must understand these risks and have the appropriate skills to safeguard data and support the privacy goals of their organization.

Introduction to IT Privacy: A Handbook for Technologists is the essential resource for all IT stakeholders. Whether you're involved… Show more

As a technological innovation creates new opportunities to collect, process and transfer personal information, the privacy risks associated with it grow exponentially. In today's information economy, successful IT Professionals must understand these risks and have the appropriate skills to safeguard data and support the privacy goals of their organization.

Introduction to IT Privacy: A Handbook for Technologists is the essential resource for all IT stakeholders. Whether you're involved in IT development, acquisition or administration, this book will give you the know-how you need to integrate privacy best practices. Show less

This book describes the changing risk environment and why a fresh approach to information security is needed.The book discusses business risk from a broad perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions.

With all the responsibility and challenges, little has been written about the state CIO Leader, until now. This book is with 37 contributors among 26 chapters, is designed to serve as a thought leadership guide aimed at the practitioner as well as those who seek to better understand the roles and responsibilities of today’s evolving State CIO. It is estimated that states will spend $157.5 billion on technology through 2015. The average tenure of a state CIO is approximately 2.5 years, and… Show more

With all the responsibility and challenges, little has been written about the state CIO Leader, until now. This book is with 37 contributors among 26 chapters, is designed to serve as a thought leadership guide aimed at the practitioner as well as those who seek to better understand the roles and responsibilities of today’s evolving State CIO. It is estimated that states will spend $157.5 billion on technology through 2015. The average tenure of a state CIO is approximately 2.5 years, and increasingly both the demands and expectations have risen dramatically. Today’s state CIO plays a greater strategic role than ever before when it comes to technology infrastructure, as well as providing key statewide citizen services and communications systems. This book is the ultimate thought-leaders guide Show less

Almost every company is asking the question of survivability – how to balance business needs and growth, while meeting regulatory compliance and mitigating security risks? This question is facing organizations of all sizes, and for some the answer is changing the mission and scope of their IT security initiatives. In this session, Malcolm will discuss Intel’s approach to managing risk with its new “Protect to Enable” information security strategy

RSA convened a group of security executives from Global 1000 enterprises called the "Security for Business Innovation Council." They have been conducting interviews with Council members and publishing their ideas in a series of reports. Our hope is that these documents will provide your organization with valuable techniques for improving information security.