The psychology of information security

The Psychology of Information Security - Resolving conflicts between security compliance and human behaviour

SKU: 4736
Authors: Leron Zinatullin
Publishers: ITGP
Format: Softcover
ISBN13: 9781849287890
Published: 26 Jan 2016
Availability: In Stock
Format: Adobe eBook
ISBN13: 9781849287906
Published: 26 Jan 2016
Availability: Available
Format: ePub
ISBN13: 9781849287913
Published: 26 Jan 2016
Availability: Available

Book of the month: Understand the psychology behind information security with this insightful look at human behaviour.

Drawing on the experience of industry experts and related academic research, this book will help you create a robust security culture that really will be understood by your staff and the business.

Buy before 28 February 2017 and save 10%


Options:
Regular Price: £12.95
On Sale For: £11.65

Description

Ensure the success of your security programme by understanding users' motivations

 

“A clear, concise text that breaks down information security into manageable chunks, with plenty of food for thought.”

Lori Baker

 

“Augusta University’s Cyber Institute adopted the book “The Psychology of Information Security” as part of our Master’s in Information Security Management program because we feel that the human factor plays an important role in securing and defending an organization…We want our students to not only understand technical and managerial aspects of security, but psychological aspects as well.”

Mark Harris, Director of Graduate Studies in Information Security Management, Augusta University

 

Based on insights gained from academic research and interviews with UK-based security professionals from various sectors, The Psychology of Information Security – Resolving conflicts between security compliance and human behaviour explains the importance of careful risk management and how to align a security programme with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

The Psychology of Information Security redresses the balance by considering information security from both end users’ and security professionals’ perspectives. This will help you gain insight into security issues relating to human behaviour and understand how a security culture that puts risk into context promotes compliance.

Contents

  • Chapter 1: Introduction to information security
  • Chapter 2: Risk management
  • Chapter 3: The complexity of risk management
  • Chapter 4: Stakeholders and communication
  • Chapter 5: Information security governance
  • Chapter 6: Problems with policies
  • Chapter 7: How security managers make decisions
  • Chapter 8: How users make decisions
  • Chapter 9: Security and usability
  • Chapter 10: Security culture
  • Chapter 11: The psychology of compliance
  • Chapter 12: Conclusion – Changing the approach to security
  • Appendix: Analogies

Series information

The Psychology of Information Security is part of the Fundamentals Series, co-published by IT Governance Publishing and Information Security Buzz.

Ensure the success of your security programme by understanding the psychology of information security. Buy this book today.

 

Reviews

“This book cuts to the heart of many of the challenges in risk management, providing advice and tips from interviews as well as models that can be employed easily. Leron manages to do this without being patronising or prescriptive, making it an easy read with some very real practical takeaways.”

Thom Langford
Chief Information Security Officer at Publicis Groupe

“Based on real world examples the book provides valuable insights into the relationship of information security, compliance, business economics and decision theory. Drawing on interdisciplinary studies, commentary from the field and his own research Leron gives the reader the necessary background and practical tools to drive improvements in their own information security program.”

Daniel Schatz
Director for Threat & Vulnerability Management at Thomson Reuters

 

About the Author

Leron Zinatullin (zinatullin.com) is an experienced risk consultant specialising in cyber security strategy, management and delivery. He has led large-scale, global, high-value security transformation projects with a view to improve cost performance and support business strategy.

He has extensive knowledge and practical experience in solving information security, privacy and architectural issues across multiple industry sectors.

He has an MSc in information security from University College London, where he focused on the human aspects of information security. His research was related to modelling conflicts between security compliance and human behaviour.

Customer Reviews

Number of ratings: 14
25/01/2017
Augusta University’s Cyber Institute adopted the book “The Psychology of Information Security” as part of our Master’s in Information Security Management program because we feel that the human factor plays an important role in securing and defending an organization. Understanding behavioral aspects of the human element is important for many information security managerial functions, such as developing security policies and awareness training. Therefore, we want our students to not only understand technical and managerial aspects of security, but psychological aspects as well.
13/01/2017
A clear, concise text that breaks down information security into manageable chunks, with plenty of food for thought.
11/02/2016
This book takes some of the most fundamental aspects of information security and provides expert insight and solutions that all businesses can learn from. A lot of people struggle to understand the basic concepts and importance of cyber security to their business, but here we read about real-life scenarios and business advice, in a simple yet effective manner, that everyone can relate to. The book acknowledges the need for people to work together to improve their position and this is exactly what Leron has done to create such a fantastic book. Featuring thoughts and concepts from industry leaders such as Javvad Malik, Thom Langford and Bruce Schneier. I’d highly recommend this book for any CEO or any executive that wants to understand what security means for their business.
10/02/2016
Leron provides many thought-provoking insights on how human behaviour affects risk management. Without understanding the intricacies between these two topics, teams delivering security improvements may not be successful. This is essential reading for anyone seeking to expand their expertise beyond technical risk topics.
10/02/2016
This is a short and sweet book that you can whizz through in an hour, whether to top up what you know about information security - and security management generally - or to provoke yourself into some thinking.
09/02/2016
I have grown quite enthusiastic about this work. Clear arguments are provided based on accepted science, with these brought together in a strong case for a new approach to security. As such, the views in this book coincide with the fresh wind also found in accountancy of corporate governance, focusing on the new trend for leadership within security.
08/02/2016
I found this book an excellent read. The author combines personal experience, academic research and interviews to provide a different perspective on IT security compliance. The book moves away from the traditional approach of checklists and strict enforcement of compliance to explain the reasons why people choose, or fail, to comply, and proposes some good higher impact solutions based on modifying behaviours.
05/02/2016
This book is a refreshing take on an old subject; it serves as both a fresh way to look at information security risks in your organisation as well as an introduction to risk management if you have just started in the role. Using a broad range of sources from academic to face-to-face interviews it cuts to the heart of many of the challenges in risk management, providing advice and tips from interviews as well as models that can be employed easily. Zinatullin manages to do this without being patronising or prescriptive, making this book an easy read with some very real practical takeaways.
04/02/2016
I think this book is a good investment for those working in the information security industry looking for ideas from the latest research in productive security. The style of writing, and the anecdotes ensure that practitioners are given lots of bite-sized ideas that they can take away and put into practice right away.
03/02/2016
This brief primer provides a great introduction to the challenges of matching staff expectations and security requirements.