Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy

Product Description
This is a management-level book for companies and organizations that are (orwill be) doing business in more than one country. This distinction applies toincreasing numbers of corporations because remaining competitive dependsupon supply chains, customers, and outsourced operations that routinely mapacross the globe. Written in three sections, the book is designed to helpcompanies with security once they, or their extended organization, leave thecomfort of their home… More >>

Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy

5 replies
  1. Jack D. Herrington says:

    I’m really impressed by this book. It’s a summarization of a lot of valuable research that you can find nowhere else. Which to me is the definition of a great book. The authors take us on a world tour and give us background on the security concerns in all of the different countries. It’s fascinating, insightful and even funny at times. A must have for anyone doing applications business globally.
    Rating: 5 / 5

  2. Ben Rothke says:

    Creating an effective information security infrastructure for a large multi-national company is a challenge. Above and beyond the technology, the software, and the hardware, there are non-tangibles, specificially the cultures and laws where the security solutions, people, and technology will be deployed. Deploying technology without considering the local environment and culture is a sure-fire way to undermine a project.

    Today’s technology infrastructure is getting more and more complex. Companies are more global with more porous borders. Outsourcing is increasing dramatically, creating an additional need to understand the cultures in the remote locations.

    Given all that, Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy is a valuable guidebook to deploying information security outside of the United States. Author Tom Patterson is a former Big 4 Information Security partner whose job responsibilities saw him living abroad for much of his adult life. The book is not so much a network security title, but rather a guide to performing the business of security across various cultural and physical borders. Mapping Security is management-level source book for companies and organizations that do – or plan to do – business outside of the United States. Patterson takes his years of living abroad, his successes and his failures, his war stories, and his challenges, and maps them into a usable framework so the reader can better deploy an information security program.

    In the book, Patterson details the various opportunities and challenges in each geographic sector across the globe and provides security best practices, rules, and customs for 30 countries. Patterson does a good job of explaining how and where Americans are often perceived to be arrogant by having a overly U.S.-centric view of things.

    The book is divided in three parts. Part 1 details the manner in which an effective information security infrastructure can be developed. Chapters 1 through 7 show the necessary steps to building an effective security culture. The book, especially Part 1, is focused not so much on specific technology but rather the processes in which to develop such a security infrastructure.

    The heart of the book is in Part 2 where Patterson details his Mapping Security Index (MSI). The function of the MSI is to provide the reader with a metric to determine how an organization can perform security functions in a different country. The book has an MSI for 30 countries, but it does not detail every country, only those where U.S.organizations are likely to do business.

    Peterson’s expertise comes from living abroad extensively and bringing to the table how business should be done in whatever country you are dealing with. Two of the countries with the highest MSI are Netherlands (90) and Canada (93), with Russia (26) and Saudi Arabia (32) at the bottom. The main advantages of the Netherlands and Canada are that they both have a safe, stable, and effective infrastructure in which to build an information security organization.

    Russia, on the other hand, while having a strong technical outsourcing potential has a legal and technical infrastructure that is significantly lacking. Additionally, most other business services are not yet on par with the rest of the region. As to Saudi Arabia, Patterson notes that while it provides a growing domestic marketing, it is an extremely difficult security partner to deal with and has very little cross-border activity. There is extremely little opportunity for women when it comes to the region. He notes that it is practically impossible for women to do business there and observes that “surrendering gender equity is simply the cost of doing business in Saudi Arabia”.

    Part 3 of the book deals with that challenge of mapping various laws and regulations from different countries. Part of the challenge and headache is dealing with laws from different countries that are contradictory. For example, one country might require an organization to capture and report customer information, while another country forbids it. The question becomes whose law do you break? That is not an easy question to answer, but it is one that needs to be considered.

    The author notes that security standards and regulations are the biggest drivers for security around the world and a misstep in dealing with regulations can create the scenario where one could face business impairments, fines, or even prison.

    Overall, Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy is a very valuable reference guide for anyone who needs to deal with information security in different countries and cultures. By relating security to the international community, the book enables the reader to avoid making those mistakes that can sink a security project.

    Patterson has a keen business insight, and the book provides many of his war stories (from illegal barbeques in Germany to an innocuous racial fax paus in South Africa). The book is not overly technical in nature and is both entertaining and informative. For anyone that plans to deploy security outside of the United States Mapping Security should be required reading.

    Rating: 5 / 5

  3. R. Colby Mims says:

    From business executives who want and need to understand the complexities of securing global ecommerce, to consultants and sales people who support global companies, to analysts who evaluate these companies, this is a must read source book. While vast today, electronic commerce is growing very rapidly, and for many if not most companies, electronic commerce will determine success or failure. This book will not only help companies protect their investments in ecommerce, product, market and customer data, but it will also help map strategies for security as they expand to new markets.
    Rating: 5 / 5

  4. Mark A. Bentley says:

    Mapping Security does a singularly effective job at bridging technology and business, and creates a compelling case that the two are inexorably intertwined. Patterson’s wealth of knowledge and experience in international commerce is breathtaking, and he is adroit at maneuvering between arcane, widesweeping regulations and personal anecdotes. In reading a pre-release copy, I was reminded of those print ads on the London Underground, consisting of three frames, each with a photo of a cricket: Depending on the country, the cricket is a pest, a pet, or a snack.

    Patterson brushes aside the typical rah-rah platitudes of high-level business books, and recognizes that the real world is not always a tidy place, and that laws are complex and often contradictory. Expanding on the idea that without security, eCommerce is a non-starter, Patterson approaches security issues from both technological and legal/cultural perspectives. His insight is keen, his examples are topical, and his “war stories” are entertaining as well as informative.

    In an era where the multinational company model is becoming the norm, and where American businesspeople are being treated with increasing disdain overseas, no C-level manager should ever board an international flight without having read “Mapping Security.”
    Rating: 5 / 5

  5. Deirdre Skolfield says:

    Every businesss owner or executive who does business to some degree outside of their home country should keep this book close at hand. The use of electronic means of communicating financial, product and customer data is growing exponentially around the world, and this book is a sourcebook for how to keep that data secure as it flows around the world. THIS is NOT an area of business that owners/execs/officers/directors can afford to stay in the dark about.
    Rating: 5 / 5

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.