Agile IT Security Implementation Methodology

Plan, develop, and execute robust agile security for your organization with this book and ebook by a Senior IT Specialist at IBM.

Starting
Jeff Laskowski

Book Details

ISBN 13: 9781849685702
Paperback: 120 pages

About This Book

  • Combine the Agile software development best practices with IT security practices to produce incredible results and minimize costs
  • Plan effective Agile IT security using mind mapping techniques
  • Create an Agile blueprint and build a threat model for high-value assets
  • Written in easy to understand, jargon-free language by a senior IT Specialist with IBM's Software group

Who This Book Is For

The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.

Table of Contents

Chapter 1: Why Agile IT Security?
Security built on insecurity
Perimeter security model
Security landscape
Summary
Chapter 2: New Security Threats
Evolving risks
Cloud computing risks
Chapter 3: Agile Security Team
Getting started with Agile
Agile focus
Agile team approach
Offsetting resistance
Agile coaching
Trust exercise
Degree of change
Agile ceremony
Summary
Chapter 4: Agile Principles
Need to evolve
Risk-driven security
Hiring an agile professional
Pairwise
Refactoring
Small deliverables
Decomposition
Collective ownership
Agile Spike
Simple design
Minimizing waste
Done means done
Project divergence rate
Project Velocity rate
Yesterday's weather
Collaboration
Summary
Chapter 5: Agile Risk-Driven Security
Data value
Risk-driven security
The bullpen
DREAD modeling
Bullpen solutions
Summary
Chapter 6: Agile Blueprint
Agile blueprinting
Summary
Chapter 7: Lean Implementation Principles
Eliminating waste
Amplify learning
Decide as late as possible
Deliver as fast as possible
Empowering the team
See the Whole
Summary
Chapter 8: Agile IT Security Governance and Policy
Developing security policy
Governance basics
Articulate security value
Agile second policy
Summary
Chapter 9: Security Policy and Agile Awareness Programs
Security awareness
Ebbinghaus effect
Policy awareness
Attack recognition awareness
Awareness certification
Memory retention
Summary
Chapter 10: Impact on IT Security
Agile structure
Spreading risk
Compliance and privacy
Supply chain
Summary
Chapter 11: Barriers to Agile
Agile culture
Agile training
Agile fears
Summary
Chapter 12: Agile Planning Techniques
Mind-map example
Mind-map tools
Summary
Chapter 13: Compliance and Agile
Agile compliance
Summary
Chapter 14: Effective Agile IT Security
Agile team success factors
Agile risk success factors
Factors in the success of Agile countermeasures
Summary

What You Will Learn

  • Understand the various modern-day security risks and concerns and how Agile IT security is useful in dealing with these risks
  • Learn Agile principles like pairwise, refactoring, collective ownership, collaboration, and tracking project divergence and velocity rates
  • Develop security policies and articulate security value and take steps to ensure your employees’ security awareness
  • Identify your organization’s high value assets and apply risk-driven security
  • Employ Lean implementation principles like eliminating waste, amplified learning, late decisions and fast deliveries
  • Learn what teams in your organization can help you with security, and tie up with them
  • Learn how to overcome Agile barriers and fears and train your security professionals
  • Learn Agile team success factors and Agile risk success factors

In Detail

Security is one of the most difficult areas in today’s IT industry, because security methods are developing considerably more slowly than methods of hacking. One of the ways to tackle this is to implement Agile IT Security. Agile IT security methodology is based on proven software development practices. It takes the best work from Agile Software Development (Scrum, OpenUp, Lean) and applies it to security implementations.

This book combines Agile software development practices with IT security. It teaches you how to deal with the ever-increasing threat to IT security and helps you build robust security at lower cost than most other methods of security. It is designed to teach the fundamental methodologies of an agile approach to IT security. Its intent is to compare traditional IT security implementation approaches to new agile methodologies. Because the book is written by a senior IT specialist at IBM, you can rest assured that these methods are directly usable in your organization.

This book will teach IT Security professionals the concepts and principles that IT development has been using for years to help minimize risk and work more efficiently. The book will take you through various scenarios and aspects of security issues and teach you how to implement security and overcome hurdles during your implementation.

It begins by identifying risks in IT security and showing how Agile principles can be used to tackle them. It then moves to developing security policies and identifying your organization's assets. The last section teaches you how to overcome real-world issues in implementing Agile security in your organization, including dealing with your colleagues.
