Für diesen Artikel ist leider kein Bild verfügbar.

Implementing Cybersecurity, The Cybersecurity Body of Knowledge, How to Build a Cyber-Resilient Organization, and Supply Chain Risk Management Set

Media-Kombination
1572 Seiten
2024
CRC Press
978-1-032-94662-7 (ISBN)
166,40 inkl. MwSt
The book provides the complete strategic understanding requisite to allow a person to create and use the RMF process recommendations for risk management. This will be the case both for applications of the RMF in corporate training situations, as well as for any individual who wants to obtain specialized knowledge in organizational risk managemen
Implementing Cybersecurity provides the complete strategic understanding requisite to allow a person to create and use the RMF process recommendations for risk management. This will be the case both for applications of the RMF in corporate training situations, as well as for any individual who wants to obtain specialized knowledge in organizational risk management. It is an all-purpose roadmap of sorts aimed at the practical understanding and implementation of the risk management process as a standard entity. It will enable an "application" of the risk management process as well as the fundamental elements of control formulation within an applied context.

The Cybersecurity Body of Knowledge explains the content, purpose, and use of eight knowledge areas that define the boundaries of the discipline of cybersecurity. The discussion focuses on, and is driven by, the essential concepts of each knowledge area that collectively capture the cybersecurity body of knowledge to provide a complete picture of the field.

How to Build a Cyber-Resilient Organization presents a standard methodology approach to cyber-resilience. Readers will learn how to design a cyber-resilient architecture for a given organization as well as how to maintain a state of cyber-resilience in its day-to-day operation. Readers will know how to establish a state of systematic cyber-resilience within this structure and how to evolve the protection to correctly address the threat environment. This revolves around the steps to perform strategic cyber-resilience planning, implementation and evolution. Readers will know how to perform the necessary activities to identify, prioritize and deploy targeted controls and maintain a persistent and reliable reporting system.

Supply Chain Risk Management presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization. It details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process. It defines a complete and correct set of processes, activities, tasks and monitoring and reporting systems.

Dan Shoemaker, PhD, is full professor, senior research scientist, and program director at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies. Dan is a former chair of the Cybersecurity & Information Systems Department and has authored numerous books and journal articles focused on cybersecurity. Anne Kohnke, PhD, is an associate professor of cybersecurity and the principle investigator of the Center for Academic Excellence in Cyber Defence at the University of Detroit Mercy. Anne’s research is focused in cybersecurity, risk management, threat modeling, and mitigating attack vectors. Ken Sigler, MS, is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. Ken’s research is in the areas of software management, software assurance, and cybersecurity.

Implementing Cybersecurity

Introduction to Organizational Security Risk Management. Survey of Existing Risk Management Models. Step 1 – Categorize Information and Information Systems. Step 2 – Select Security Controls. Step 3 – Implement Security Controls. Step 4 – Assess Security Controls. Step 5 – Authorize Information Systems. Step 6 – Monitor Security State. Practical Application to the Implementation of the NIST Risk Management Framework.

The Cybersecurity Body of Knowledge

Foreword 1. Foreword 2. Author Biographies. Introduction. Chapter 1 Securing Cyberspace Is Everybody’s Business. Chapter 2 The Cybersecurity Body of Knowledge. Chapter 3 Data Security. Chapter 4 Software Security. Chapter 5 Component Security. Chapter 6 Connection Security. Chapter 7 System Security. Chapter 8 Human Security. Chapter 9 Organizational Security. Chapter 10 Societal Security. Index.

How to Build a Cyber-Resilient Organization

1. It’s Time for a New Paradigm 2. Asset Identification and Classification 3. Establishing the Risk Status of the Corporate Infrastructure 4. Prioritization of Assets and Establishing a Plan for Resilient Change 5. Control Design and Deployment 6. Control Assessment and Assurance 7. Recovering the Non-Priority Assets 8. Ensuring a Continuously Cyber-Resilient Organization

Supply Chain Risk Management

What Product Risk Is and Why It Needs to be Managed. The Three Constituencies of Product Trust. Building a Standard Acquisition Infrastructure. Risk Management in the ICT Product Chain. Control Formulation and Implementation. Control Sustainment and Operational Assurance. A Capability Maturity Model for Secure Product Acquisition.

Erscheint lt. Verlag 14.10.2024
Reihe/Serie Security, Audit and Leadership Series
Zusatzinfo 191 Illustrations, black and white
Verlagsort London
Sprache englisch
Maße 156 x 234 mm
Gewicht 2902 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Software Entwicklung
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
ISBN-10 1-032-94662-8 / 1032946628
ISBN-13 978-1-032-94662-7 / 9781032946627
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
nach DSGVO und BDSG

von Andreas Schaupp

Druckwerk (2023)
Deutscher Apotheker Verlag
58,00
Datenschutz (Kombi-Ausgabe), Mitarbeiter-Merkblatt Datenschutz und …
Media-Kombination (2022)
Forum Verlag Herkert
304,95