Developing an Enterprise Continuity Program - Sergei Petrenko

Developing an Enterprise Continuity Program

(Autor)

Buch | Hardcover
584 Seiten
2021
River Publishers (Verlag)
978-87-7022-397-3 (ISBN)
149,60 inkl. MwSt
The book discusses the activities involved in developing an Enterprise Continuity Program (ECP) that will cover both Business Continuity Management (BCM) as well as Disaster Recovery Management (DRM). The creation of quantitative metrics for BCM are discussed as well as several models and methods that correspond to the goals and objectives of the International Standards Organisation (ISO) Technical Committee ISO/TC 292 "Security and resilience”. Significantly, the book contains the results of not only qualitative, but also quantitative, measures of Cyber Resilience which for the first time regulates organizations’ activities on protecting their critical information infrastructure.

The book discusses the recommendations of the ISO 22301: 2019 standard “Security and resilience — Business continuity management systems — Requirements” for improving the BCM of organizations based on the well-known “Plan-Do-Check-Act” (PDCA) model. It also discusses the recommendations of the following ISO management systems standards that are widely used to support BCM. The ISO 9001 standard "Quality Management Systems"; ISO 14001 "Environmental Management Systems"; ISO 31000 "Risk Management", ISO/IEC 20000-1 "Information Technology - Service Management", ISO/IEC 27001 "Information Management security systems”, ISO 28000 “Specification for security management systems for the supply chain”, ASIS ORM.1-2017, NIST SP800-34, NFPA 1600: 2019, COBIT 2019, RESILIA, ITIL V4 and MOF 4.0, etc. The book expands on the best practices of the British Business Continuity Institute’s Good Practice Guidelines (2018 Edition), along with guidance from the Disaster Recovery Institute’s Professional Practices for Business Continuity Management (2017 Edition). Possible methods of conducting ECP projects in the field of BCM are considered in detail. Based on the practical experience of the author there are examples of Risk Assessment (RA) and Business Impact Analysis (BIA), examples of Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP) and relevant BCP & DRP testing plans.

This book will be useful to Chief Information Security Officers, internal and external Certified Information Systems Auditors, senior managers within companies who are responsible for ensuring business continuity and cyber stability, as well as teachers and students of MBA’s, CIO and CSO programs.

Sergei Petrenko was born in 1968 in Kaliningrad (K¨onigsberg). In 1991, he graduated with honors from the Leningrad State University with a degree in mathematics and engineering. In 1997 – adjuncture and in 2003, he obtained his doctorate. The designer of information security systems of critical information objects: Three national Centers for Monitoring Information Security Threats and two Situational-Crisis Centers (RCCs) of domestic state; Three operators of special information security services MSSP (Managed Security Service Provider) and MDR (Managed Detection and Response Services) and two virtual trusted communication operators MVNO; More than 10 State and corporate segments of the System for Detection, Prevention and Elimination of the Effects of Computer Attacks (SOPCA) and the System for Detection and Prevention of Computer Attacks (SPOCA); Five monitoring centers for information security threats and responding to information security incidents CERT (Computer Emergency Response Team) and CSIRT (Computer Security Incident Response Team) and two industrial CERT industrial Internet IIoT/IoT. Head of the State Scientific School "Mathematical and Software Support of Critical Objects of the Russian Federation". Expert of the Section on Information Security Problems of the Scientific Council under the Security Council of the Russian Federation. Scientific Editor of the magazine "Inside. Data protection". Doctor of Technical Sciences, Professor. It is part of the management of the Interregional Public Organization Association of Heads of Information Security Services (ARSIB), an independent non-profit organization Russian Union of IT Directors (SODIT). Author and co-author of 14 monographs and practical manuals of publishing houses "Springer Nature Switzerland AG", "River Publishers", "Peter", "Athena" and "DMK-Press": "Big Data Technologies for Monitoring of Computer Security: A Case Study of the Russian Federation", "Cyber Resilience", "Cyber Security Innovation for the Digital Economy: A Case Study of the Russian Federation", "Methods of information protection in the Internet", "Methods and technologies of information security of critical objects of the national infrastructure", "Methods and technologies of cloud security", "Audit of corporate Internet/Internet security", "Information Risk Management", "Information Security Policies" and more than 350 articles on information security issues (Proceedings of ISA RAS and SPIIRAS, journals "Cybersecurity issues", "Information security problems", "Open systems", "Inside: Information protection", "Security systems", "Electronics", "Communication Bulletin", "Network Journal", "Connect World of Connect", etc.).

Developing an Enterprise Continuity Program

Erscheinungsdatum
Verlagsort Gistrup
Sprache englisch
Maße 156 x 234 mm
Gewicht 1920 g
Themenwelt Informatik Datenbanken Data Warehouse / Data Mining
Mathematik / Informatik Informatik Theorie / Studium
ISBN-10 87-7022-397-1 / 8770223971
ISBN-13 978-87-7022-397-3 / 9788770223973
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Datenanalyse für Künstliche Intelligenz

von Jürgen Cleve; Uwe Lämmel

Buch | Softcover (2024)
De Gruyter Oldenbourg (Verlag)
74,95
Auswertung von Daten mit pandas, NumPy und IPython

von Wes McKinney

Buch | Softcover (2023)
O'Reilly (Verlag)
44,90