Published on 12 April 2013, updated 06 February 2014
IBM Form #: SG24-8100-00
Authors: Axel Buecker, Saritha Arunkumar, Brian Blackshaw, Martin Borrett, Peter Brittenham, Jan Flegr, Jaco Jacobs, Vladimir Jeremic, Mark Johnston, Christian Mark, Gretchen Marx, Stefaan Van Daele and Serge Vereecke
Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. The need to be able to integrate security into those systems and the discussions with business functions and operations exists more than ever.
This IBM® Redbooks® publication explores concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. This book identifies many business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations. This book shows how these drivers can be translated into capabilities and security needs that can be represented in frameworks, such as the IBM Security Blueprint, to better enable enterprise security.
To help organizations with their security challenges, IBM created a bridge to address the communication gap between the business and technical perspectives of security to enable simplification of thought and process. The IBM Security Framework can help you translate the business view, and the IBM Security Blueprint describes the technology landscape view. Together, they can help bring together the experiences that we gained from working with many clients to build a comprehensive view of security capabilities and needs.
This book is intended to be a valuable resource for business leaders, security officers, and consultants who want to understand and implement enterprise security by considering a set of core security capabilities and services.
Chapter 1. Introducing the IBM Security Framework and IBM Security Blueprint
Chapter 2. The components of the IBM Security Blueprint
Chapter 3. IT security frameworks and standards
Chapter 4. Using O-ESA to develop an enterprise security architecture
Chapter 5. Business scenario for the Mobile Device Security solution pattern