Practical information security management : a complete guide to planning and implementation (2016)
- Record Type:
- Book
- Title:
- Practical information security management : a complete guide to planning and implementation (2016)
- Main Title:
- Practical information security management : a complete guide to planning and implementation
- Further Information:
- Note: Tony Campbell.
- Other Names:
- Campbell, Tony
- Contents:
- At a Glance; Contents; About the Author; About the Technical Reviewers; Acknowledgments; Introduction; Chapter 1: Evolution of a Profession; What's in a Name?; The Language of Security; CIA; Confidentiality; Integrity; Availability; Non-Repudiation; Threats and Vulnerabilities; Risk and Consequence; Glossary of Useful Terms; Chapter 2: Threats and Vulnerabilities; Threats; Hiding in Plain Sight; How Does Tor Work?; The Deep Web; Malware as a Service; Criminal Motivations and Capabilities; Physical Threats; Vulnerabilities; Technical Vulnerabilities; Non-Technical Vulnerabilities; Physical Vulnerabilities; Process Vulnerabilities; People Vulnerabilities; People Can Be Compromised; Chapter 3: The Information Security Manager; Information Security Job Roles; Training, Experience, and Professionalism; Career Planning with Professional and Academic Certifications; Getting Started in Security Management; The Information Security Manager's Responsibilities; The Information Security Management System; Chapter 4: Organizational Security; Security in Organizational Structures; Where Does Security Fit?; License to Operate: Get Your Guys Certified; Encourage a Culture of Security Awareness; Working with Specialist Groups; Working with Standards and Regulations; Working with Risk Management; Risk Identification; Risk Analysis; Qualitative Assessments; Quantitative Analysis; Risk Treatment; Risk Monitoring; Business Continuity Management and Disaster Planning; Working with Enterprise Architecture; Working with Facilities Management; Conclusion; Chapter 5: Information Security Implementation; Integration with Risk Management; The Language of Risk; Use Existing Frameworks; Secure Development; Security Architecture Awareness; Security Requirements; Organizational Interfaces; Post Implementation; Conclusion; Chapter 6: Standards, Frameworks, Guidelines, and Legislation; Why Do We Need Standards?; Legislation; Privacy; US-EU Safe Harbor and Privacy Shield; Employer and Employee Rights; Computer Fraud and Abuse Laws; US Computer Fraud and Abuse Act; UK Computer Misuse Act; Australia's Cybercrime Act; Records Retention; Intellectual Property and Copyright; The ISO/IEC 27000 Series of Standards; ISO/IEC 27001; Getting Certified; ISO/IEC 27002; ISO/IEC 27035; List of Published ISO/IEC 27000 Standards; Business Continuity; Risk Management Standards; COBIT; Payment Card Industry Data Security Standard; Health Insurance Portability and Accountability Act; Conclusion; Chapter 7: Protection of Information; Information Classification; Business Impact Levels; Implementing Information Classification; Information Classification or Systems Classification?; Tactical Implementation; Strategic Implementation; Identification, Authentication, and Authorization; Access Control Models; System Privileges; Separation of Duties; Delegation of Privileges; Chapter 8: Protection of People; Human Vulnerabilities; Social Engineering. … (more)
- Publisher Details:
- United States : Apress
- Publication Date:
- 2016
- Extent:
- 1 online resource
- Subjects:
- 005.8
Computer security -- Management
COMPUTERS -- Security -- General
Computer Science
Security
Systems and Data Security
Performance and Reliability
Electronic books
- Languages:
- English
- ISBNs:
- 9781484216859
1484216857
- Related ISBNs:
- 9781484216842
1484216849
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.379123
- Ingest File:
- 02_361.xml