It’s surprisingly hard to find good quality guidance for business managers on information security, and even harder to find material that is free. Far too much essential reference material is priced beyond the budgets of small enterprises or individuals.
I was delighted therefore to hear that Eduardo Gelbstein has published a free book “Information security for non-technical managers“.
For those of you that don’t know Ed, he’s a highly experienced CIO, former Director of the United Nations International Computing Centre and a fountain of streetwise knowledge on IT Governance. Ed as a good grasp of how to bridge the gap between management theory and business reality.
The book is a good overview of the subject for business managers, IT staff or auditors. It also very kindly references my Wiley book “Managing the Human Factor in Information Security“.