Just Enough Security: Information Security For Business Managers

The Just Enough Security (JES) approach to information assurance is based on the belief that no one safeguard can completely protect your critical information assets from a highly motivated threat. The JES security model combines multiple layers of safeguards with simple risk management tools to help you achieve both the security of your information assets and a return on your security investment. To allow you to quickly apply the basic principles of JES, this book helps you build the necessary skills in three steps. Part 1 of this book contains three primers to ensure you have the basic technical knowledge necessary to understand each layer of the JES model. These primers include networking, security, and risk management. Part 2 introduces the various layers of the JES model with detailed explanations of how to implement each. Finally, business continuity and incident management principles are discussed in Part 3.