Agile IT Security Implementation Methodology
- Combine the Agile software development best practices with IT security practices to produce incredible results and minimize costs
- Plan effective Agile IT security using mind mapping techniques
- Create an Agile blueprint and build a threat model for high-value assets
- Written in easy to understand, jargon-free language by a senior IT Specialist with IBM's Software group
Book Details
Language : English
Paperback : 120 pages [ 235mm x 191mm ]
Release Date : November 2011
ISBN : 1849685703
ISBN 13 : 9781849685702
Author(s) : Jeff Laskowski
Topics and Technologies : All Books, Enterprise
Table of Contents
Preface
Chapter 1: Why Agile IT Security?
Chapter 2: New Security Threats
Chapter 3: Agile Security Team
Chapter 4: Agile Principles
Chapter 5: Agile Risk-Driven Security
Chapter 6: Agile Blueprint
Chapter 7: Lean Implementation Principles
Chapter 8: Agile IT Security Governance and Policy
Chapter 9: Security Policy and Agile Awareness Programs
Chapter 10: Impact on IT Security
Chapter 11: Barriers to Agile
Chapter 12: Agile Planning Techniques
Chapter 13: Compliance and Agile
Chapter 14: Effective Agile IT Security
Index
- Chapter 1: Why Agile IT Security?
  - Security built on insecurity
  - Perimeter security model
  - Security landscape
  - Security damages
  - Security trends
  - Security risk
  - Summary
- Chapter 2: New Security Threats
  - Evolving risks
  - Cloud computing risks
  - Web 2.0 risks
  - Bandwidth risks
  - Regulatory compliance
  - Advanced persistent threats
  - Social engineering risks
  - Mobile risks
  - Espionage risks
  - Social networking risks
  - Zero-day exploits
  - Cyberwarfare, Cyberterrorism, and Hacktivism
  - Money mules
  - Summary
- Chapter 3: Agile Security Team
  - Getting started with Agile
  - Agile focus
  - Agile team approach
  - Offsetting resistance
  - Agile coaching
  - Trust exercise
  - Degree of change
  - Agile ceremony
  - Summary
- Chapter 4: Agile Principles
  - Need to evolve
  - Risk-driven security
  - Hiring an agile professional
  - Culture
  - Changing culture
  - Focus on strength
  - Pairwise
  - Refactoring
  - Small deliverables
  - Decomposition
  - Collective ownership
  - Agile Spike
  - Simple design
  - Minimizing waste
  - Done means done
  - Project divergence rate
  - Project Velocity rate
  - Yesterday's weather
  - Collaboration
  - Scrum Master
  - Agile planning poker
  - Standup meeting
  - Summary
- Chapter 5: Agile Risk-Driven Security
  - Data value
  - Data-centric approach
  - Risk-driven security
  - The bullpen
  - DREAD modeling
  - Bullpen solutions
  - Summary
- Chapter 6: Agile Blueprint
  - Agile blueprinting
  - Accounting for the past
  - Threat modeling
  - Ill-use case
  - Summary
- Chapter 7: Lean Implementation Principles
  - Eliminating waste
  - Amplify learning
  - Decide as late as possible
  - Deliver as fast as possible
  - Empowering the team
  - See the Whole
  - Summary
- Chapter 8: Agile IT Security Governance and Policy
  - Developing security policy
  - Governance basics
  - Articulate security value
  - Agile second policy
  - Summary
- Chapter 9: Security Policy and Agile Awareness Programs
  - Security awareness
  - Ebbinghaus effect
  - Policy awareness
  - Password awareness
  - E-mail, social networking, and IM awareness
  - Social engineering, phishing, and hoax awareness
  - Privacy awareness
  - Physical awareness
  - Security infrastructure 101 awareness
  - Attack recognition awareness
  - Awareness certification
  - Memory retention
  - Summary
- Chapter 10: Impact on IT Security
  - Agile structure
  - Spreading risk
  - Compliance and privacy
  - Supply chain
  - Summary
- Chapter 11: Barriers to Agile
  - Agile culture
  - Agile training
  - Agile fears
  - Summary
- Chapter 12: Agile Planning Techniques
  - Mind-map example
  - Mind-map tools
  - Summary
- Chapter 13: Compliance and Agile
  - Agile compliance
  - Summary
- Chapter 14: Effective Agile IT Security
  - Agile team success factors
  - Agile risk success factors
  - Factors in the success of Agile countermeasures
  - Summary
- Understand the various modern-day security risks and concerns and how Agile IT security is useful in dealing with these risks
- Learn Agile principles like pairwise, refactoring, collective ownership, and collaboration, and track project divergence and velocity rates
- Develop security policies, articulate security value, and take steps to ensure your employees’ security awareness
- Identify your organization’s high-value assets and apply risk-driven security
- Employ Lean implementation principles like eliminating waste, amplified learning, late decisions and fast deliveries
- Learn which teams in your organization can help you with security, and partner with them
- Learn how to overcome Agile barriers and fears and train your security professionals
- Learn Agile team success factors and Agile risk success factors
Security is one of the most difficult areas in today’s IT industry. The reason is that security methods develop considerably more slowly than hacking methods. One of the ways to tackle this is to implement Agile IT Security. Agile IT security methodology is based on proven software development practices. It takes the best work from Agile Software Development (Scrum, OpenUp, Lean) and applies it to security implementations.
This book combines Agile software development practices with IT security. It teaches you how to deal with the ever-increasing threat to IT security and helps you build robust security at a lower cost than most other methods of security. It is designed to teach the fundamental methodologies of an agile approach to IT security. Its intent is to compare traditional IT security implementation approaches to new agile methodologies. The book is written by a senior IT specialist at IBM, so you can rest assured that these methods are directly usable in your organization.
This book will teach IT Security professionals the concepts and principles that IT development has been using for years to help minimize risk and work more efficiently. The book will take you through various scenarios and aspects of security issues and teach you how to implement security and overcome hurdles during your implementation.
It begins by identifying risks in IT security and showing how Agile principles can be used to tackle them. It then moves to developing security policies and identifying your organization's assets. The last section teaches you how to overcome real-world issues in implementing Agile security in your organization, including dealing with your colleagues.
The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should have a good knowledge of security methods and agile development.
The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

