Building an Effective Security Program (eBook)

eBook Download: PDF
2020 | 1. Auflage
444 Seiten
Walter de Gruyter GmbH & Co.KG (Verlag)
978-1-5015-0652-9 (ISBN)
Systemvoraussetzungen
59,95 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Building an Effective Security Program provides readers with a comprehensive approach to securing the IT systems in use at their organizations. This book provides information on how to structure and operate an effective cybersecurity program that includes people, processes, technologies, security awareness, and training. This program will establish and maintain effective security protections for the confidentiality, availability, and integrity of organization information. In this book, the authors take a pragmatic approach to building organization cyberdefenses that are effective while also remaining affordable.

This book is intended for business leaders, IT professionals, cybersecurity personnel, educators, and students interested in deploying real-world cyberdefenses against today's persistent and sometimes devastating cyberattacks. It includes detailed explanation of the following IT security topics:

  • IT Security Mindset-Think like an IT security professional, and consider how your IT environment can be defended against potential cyberattacks.
  • Risk Management-Identify the assets, vulnerabilities and threats that drive IT risk, along with the controls that can be used to mitigate such risk.
  • Effective Cyberdefense-Consider the components of an effective organization cyberdefense to successfully protect computers, devices, networks, accounts, applications and data.
  • Cyber Operations-Operate cyberdefense capabilities and controls so that assets are protected, and intruders can be detected and repelled before significant damage can be done.
  • IT Security Awareness and Training-Promote effective cybersecurity practices at work, on travel, and at home, among your organization's business leaders, IT professionals, and staff.
  • Resilient IT Security-Implement, operate, monitor, assess, and improve your cybersecurity program on an ongoing basis to defend against the cyber threats of today and the future.

lt;strong>Chris K. Williams, Leidos, USA; Scott E. Donaldson, Johns Hopkins University, USA; Stanley G. Siegel, Johns Hopkins University, USA

FOREWORD – 1 page

ABOUT THE AUTHORS – 1 page

ACKNOWLEDGMENTS – 1 page

INTRODUCTION – 2 pages

  • What is this book about?
  • Who should read this book?
  • Why did the authors write this book?
  • Organization of the book

CHAPTERS

  • Chapter 1—Business Case (~15 pages)

This chapter presents the business case for setting up an enduring IT security awareness and training program for use in training the employees of the company—from IT users to career IT security professionals. This chapter introduces fundamental concepts and terms used throughout the book.

  • Chapter 2—IT Security Mind Set (~15 pages)

This chapter presents thinking like an IT security professional to establish and maintain common security protections.

  • Chapter 3—IT Security Risk Management (~15 pages)

This chapter presents a risk management process that involves asset management, security vulnerabilities, security threats, risk identification, risk mitigation, and security controls.

  • Chapter 4—IT Security Process (~15 pages)

This chapter presents how to establish security scopes and select corresponding controls to protect the confidentiality, availability, and integrity of company information.

  • Chapter 5—IT Security Scenarios and Perspectives (~40 pages)

This chapter presents how the Chapter 4 IT security process is applied to various scenarios. Each scenario will walk through a number of common security controls and apply the IT security process to identify how to protect company information.

    1. IT security at home
    2. IT security while traveling
    3. IT security at work
    4. IT security as an executive
    5. International IT security

  • Chapter 6—Planning IT Security Awareness and Training (~15 pages)

This chapter presents practical guidance on how to write an IT Awareness and Training implementation plan.

  • Chapter 7—Implementing IT Security Awareness and Training Program(~15 pages)

This chapter presents human issues related to bringing about enterprise-wide cultural change due to implementation of an IT Awareness and Training Program.

  • Chapter 8—Measuring IT Security Awareness and Training Program Implementation (~15 pages)

This chapter presents practical guidance for measuring program implementation success and how to use the measurements to achieve awareness and training goals.

  • Chapter 9—Managing Continual Program Improvement (~15 pages)

This chapter presents practical guidance for monitoring compliance, evaluating feedback and improving the program.

  • Chapter 10—Looking to the Future (~15 pages)

This chapter presents a view of the evolving cybersecurity attacks as they become more capable and sophisticated.

APPENDICES – 10 pages

GLOSSARY – 3 pages

BIBLIOGRAPHY – 3 pages

INDEX – 4 pages

Erscheint lt. Verlag 21.9.2020
Zusatzinfo 79 b/w ill., 1 b/w tbl.
Verlagsort Boston
Sprache englisch
Themenwelt Mathematik / Informatik Informatik Datenbanken
Informatik Netzwerke Sicherheit / Firewall
Schlagworte cybercrime • cybersecurity • cyber threat • Hacking • Phishing • security • Virus
ISBN-10 1-5015-0652-8 / 1501506528
ISBN-13 978-1-5015-0652-9 / 9781501506529
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 1,6 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99