A Data Security Management Security Novel by David Schleinger, CISSP
About the Book
Every day cybersecurity specialist Nancy MacBaron fights in the corporate trenches against criminal hackers intent on stealing her company’s sensitive information. She is well trained, highly skilled and security-certified yet she discovers she and her company are helpless in the face of an unexpected data theft from inside.
Called into her boss’s office early one morning, Nancy MacBaron is given dual assignments: one, to help locate the person who is holding their data for ransom, and two, investigate how their information management process allowed such a huge amount of sensitive information to be stolen. Amidst the rivalry among departments, and the pressure of financial disaster for the company, Nancy begins a journey of discovery that shows her a landscape of data process activity that nobody is coordinating or even really aware exists.
Nancy confers with a number of people, some helpful, some resentful of outsiders, all adding more pieces to the puzzle. Amidst the new ideas, old work habits, and personal conflicts Nancy begins to recognize hidden and ungoverned gaps within the corporation along with following clues to find the criminal before the company’s data is auctioned off to the highest bidder.
Follow Nancy as she gathers different perspectives from developers, data architects, managers, attorneys, cybersecurity specialists, data governance groups, law enforcement, and members of her own family to formulate a method to protect sensitive information that coordinates the expertise of many business groups to eliminate gaps in The Hidden Corporation.
About the Author
David Schlesinger has 25 years of experience in information technology and data security management. He is CISSP certified in cybersecurity and is on the Board of Directors of the Phoenix ISSA, a security professional association. David has authored two US Patents for data governance methods that use Metadata classifications to audit and automate user rights and regulatory compliance, and speaks widely at data management and security conferences. He is a Senior Security Architect and currently consults with commercial and government organizations on information protection involving enhanced Metadata, self-aware data architecture, data classification practices, and information regulatory compliance.