The book provides a pragmatic approach to evaluating security at a company

and putting together an effective information security program. The book

focuses on three key themes; People, Processes, and Technology and is

organized according to the steps executives would follow in order to develop

an information security program for their company. Key elements of the

program include staffing this function at a company, putting the necessary

internal processes in place, and implementing the appropriate technology.

Business executives will find this book a good primer for understanding the key

existing and future security issues, and for taking the necessary action to ensure

the protection of their enterprise's information assets.

The objective of this book is to provide a "short cut" for executives to learn

more about information security and how it will affect their business in the

future. An overview of information security concepts is provided, so they can

be better prepared to evaluate how their company is addressing information

security.