Management of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1305856252

Category: Computers

Page: 592

View: 3156

DOWNLOAD NOW »
Readers discover a managerially-focused overview of information security with a thorough treatment of how to most effectively administer it with MANAGEMENT OF INFORMATION SECURITY, 5E. Information throughout helps readers become information security management practitioners able to secure systems and networks in a world where continuously emerging threats, ever-present attacks, and the success of criminals illustrate the weaknesses in current information technologies. Current and future professional managers complete this book with the exceptional blend of skills and experiences to develop and manage the more secure computing environments that today’s organizations need. This edition offers a tightened focus on key executive and managerial aspects of information security while still emphasizing the important foundational material to reinforce key concepts. Updated content reflects the most recent developments in the field, including NIST, ISO, and security governance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Management of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 130550125X

Category: Computers

Page: 592

View: 9970

DOWNLOAD NOW »
Readers discover a managerially-focused overview of information security with a thorough treatment of how to most effectively administer it with MANAGEMENT OF INFORMATION SECURITY, 5E. Information throughout helps readers become information security management practitioners able to secure systems and networks in a world where continuously emerging threats, ever-present attacks, and the success of criminals illustrate the weaknesses in current information technologies. Current and future professional managers complete this book with the exceptional blend of skills and experiences to develop and manage the more secure computing environments that today’s organizations need. This edition offers a tightened focus on key executive and managerial aspects of information security while still emphasizing the important foundational material to reinforce key concepts. Updated content reflects the most recent developments in the field, including NIST, ISO, and security governance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Management of Information Security

Author: Michael Whitman,Herbert Mattord

Publisher: Cengage Learning

ISBN: 1435488849

Category: Computers

Page: 592

View: 3499

DOWNLOAD NOW »
Management of Information Security, Third Edition focuses on the managerial aspects of information security and assurance. Topics covered include access control models, information security governance, and information security program assessment and metrics. Coverage on the foundational and technical components of information security is included to reinforce key concepts. This new edition includes up-to-date information on changes in the field such as revised sections on national and international laws and international standards like the ISO 27000 series. With these updates, Management of Information Security continues to offer a unique overview of information security from a management perspective while maintaining a finger on the pulse of industry changes and academic relevance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Principles of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1337102067

Category: Computers

Page: 656

View: 6566

DOWNLOAD NOW »
Master the latest technology and developments from the field with the book specifically oriented to the needs of those learning information systems -- PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this bestseller emphasizes all aspects of information security, rather than just the technical control perspective. Readers gain a broad overview of the entire field of information security and related elements with the detail to ensure understanding. The book highlights terms used in the field and a history of the discipline as readers learn how to manage an information security program. This edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making this the ideal IS resource for business decision makers. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Readings & Cases in Information Security: Law & Ethics

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1435441575

Category: Computers

Page: 352

View: 1577

DOWNLOAD NOW »
Readings and Cases in Information Security: Law and Ethics provides a depth of content and analytical viewpoint not found in many other books. Designed for use with any Cengage Learning security text, this resource offers readers a real-life view of information security management, including the ethical and legal issues associated with various on-the-job experiences. Included are a wide selection of foundational readings and scenarios from a variety of experts to give the reader the most realistic perspective of a career in information security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Hands-On Information Security Lab Manual

Author: Michael E. Whitman,Herbert J. Mattord,Andrew Green

Publisher: Cengage Learning

ISBN: 1285167570

Category: Computers

Page: 592

View: 9515

DOWNLOAD NOW »
HANDS-ON INFORMATION SECURITY LAB MANUAL, Fourth Edition, helps you hone essential information security skills by applying your knowledge to detailed, realistic exercises using Microsoft Windows 2000, Windows XP, Windows 7, and Linux. This wide-ranging, non-certification-based lab manual includes coverage of scanning, OS vulnerability analysis and resolution, firewalls, security maintenance, forensics, and more. The Fourth Edition includes new introductory labs focused on virtualization techniques and images, giving you valuable experience with some of the most important trends and practices in information security and networking today. All software necessary to complete the labs are available online as a free download. An ideal resource for introductory, technical, and managerial courses or self-study, this versatile manual is a perfect supplement to the PRINCIPLES OF INFORMATION SECURITY, SECURITY FUNDAMENTALS, and MANAGEMENT OF INFORMATION SECURITY books. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Roadmap to Information Security: For IT and Infosec Managers

Author: Michael Whitman,Herbert Mattord

Publisher: Cengage Learning

ISBN: 1435480309

Category: Computers

Page: 400

View: 6973

DOWNLOAD NOW »
ROADMAP TO INFORMATION SECURITY: FOR IT AND INFOSEC MANAGERS provides a solid overview of information security and its relationship to the information needs of an organization. Content is tailored to the unique needs of information systems professionals who find themselves brought in to the intricacies of information security responsibilities. The book is written for a wide variety of audiences looking to step up to emerging security challenges, ranging from students to experienced professionals. This book is designed to guide the information technology manager in dealing with the challenges associated with the security aspects of their role, providing concise guidance on assessing and improving an organization’s security. The content helps IT managers to handle an assignment to an information security role in ways that conform to expectations and requirements, while supporting the goals of the manager in building and maintaining a solid information security program. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Practical Information Security Management

A Complete Guide to Planning and Implementation

Author: Tony Campbell

Publisher: Apress

ISBN: 1484216857

Category: Computers

Page: 237

View: 8303

DOWNLOAD NOW »
Create appropriate, security-focused business propositions that consider the balance between cost, risk, and usability, while starting your journey to become an information security manager. Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks. Practical Information Security Management provides a wealth of practical advice for anyone responsible for information security management in the workplace, focusing on the ‘how’ rather than the ‘what’. Together we’ll cut through the policies, regulations, and standards to expose the real inner workings of what makes a security management program effective, covering the full gamut of subject matter pertaining to security management: organizational structures, security architectures, technical controls, governance frameworks, and operational security. This book was not written to help you pass your CISSP, CISM, or CISMP or become a PCI-DSS auditor. It won’t help you build an ISO 27001 or COBIT-compliant security management system, and it won’t help you become an ethical hacker or digital forensics investigator – there are many excellent books on the market that cover these subjects in detail. Instead, this is a practical book that offers years of real-world experience in helping you focus on the getting the job done. What You Will Learn Learn the practical aspects of being an effective information security manager Strike the right balance between cost and risk Take security policies and standards and make them work in reality Leverage complex security functions, such as Digital Forensics, Incident Response and Security Architecture Who This Book Is For“/div>divAnyone who wants to make a difference in offering effective security management for their business. You might already be a security manager seeking insight into areas of the job that you’ve not looked at before, or you might be a techie or risk guy wanting to switch into this challenging new career. Whatever your career goals are, Practical Security Management has something to offer you.

Computer and Information Security Handbook

Author: John R. Vacca

Publisher: Morgan Kaufmann

ISBN: 0128039299

Category: Computers

Page: 1280

View: 7323

DOWNLOAD NOW »
Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offering the latest insights into established and emerging technologies and advancements. With new parts devoted to such current topics as Cloud Security, Cyber-Physical Security, and Critical Infrastructure Security, the book now has 100 chapters written by leading experts in their fields, as well as 12 updated appendices and an expanded glossary. It continues its successful format of offering problem-solving techniques that use real-life case studies, checklists, hands-on exercises, question and answers, and summaries. Chapters new to this edition include such timely topics as Cyber Warfare, Endpoint Security, Ethical Hacking, Internet of Things Security, Nanoscale Networking and Communications Security, Social Engineering, System Forensics, Wireless Sensor Network Security, Verifying User and Host Identity, Detecting System Intrusions, Insider Threats, Security Certification and Standards Implementation, Metadata Forensics, Hard Drive Imaging, Context-Aware Multi-Factor Authentication, Cloud Security, Protecting Virtual Infrastructure, Penetration Testing, and much more. Written by leaders in the field Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices Presents methods for analysis, along with problem-solving techniques for implementing practical solutions

Building a Practical Information Security Program

Author: Jason Andress,Mark Leary

Publisher: Syngress

ISBN: 0128020881

Category: Computers

Page: 202

View: 8584

DOWNLOAD NOW »
Building a Practical Information Security Program provides users with a strategic view on how to build an information security program that aligns with business objectives. The information provided enables both executive management and IT managers not only to validate existing security programs, but also to build new business-driven security programs. In addition, the subject matter supports aspiring security engineers to forge a career path to successfully manage a security program, thereby adding value and reducing risk to the business. Readers learn how to translate technical challenges into business requirements, understand when to "go big or go home," explore in-depth defense strategies, and review tactics on when to absorb risks. This book explains how to properly plan and implement an infosec program based on business strategy and results. Provides a roadmap on how to build a security program that will protect companies from intrusion Shows how to focus the security program on its essential mission and move past FUD (fear, uncertainty, and doubt) to provide business value Teaches how to build consensus with an effective business-focused program

Information Security Management: Global Challenges in the New Millennium

Global Challenges in the New Millennium

Author: Dhillon, Gurpreet

Publisher: IGI Global

ISBN: 9781930708860

Category: Computers

Page: 364

View: 5012

DOWNLOAD NOW »
Information security is moving much higher up the agenda of corporate concerns. If information is our most important asset, then we must gird ourselves up for the task of protecting it properly. Information Security Management: Global Challenges in the New Millennium focuses on aspects of information security planning, evaluation, design and implementation.

Management of Information Security, Loose-Leaf Version

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 9781337685672

Category: Computers

Page: 672

View: 9515

DOWNLOAD NOW »
MANAGEMENT OF INFORMATION SECURITY, Sixth Edition prepares you to become an information security management practitioner able to secure systems and networks in a world where continuously emerging threats, ever-present attacks and the success of criminals illustrate the weaknesses in current information technologies. You'll develop both the information security skills and practical experience that organizations are looking for as they strive to ensure more secure computing environments. The text focuses on key executive and managerial aspects of information security. It also integrates coverage of CISSP and CISM throughout to effectively prepare you for certification. Reflecting the most recent developments in the field, it includes the latest information on NIST, ISO and security governance as well as emerging concerns like Ransomware, Cloud Computing and the Internet of Things.

The Economics of Information Security and Privacy

Author: Rainer Böhme

Publisher: Springer Science & Business Media

ISBN: 3642394981

Category: Computers

Page: 321

View: 2910

DOWNLOAD NOW »
In the late 1990s, researchers began to grasp that the roots of many information security failures can be better explained with the language of economics than by pointing to instances of technical flaws. This led to a thriving new interdisciplinary research field combining economic and engineering insights, measurement approaches and methodologies to ask fundamental questions concerning the viability of a free and open information society. While economics and information security comprise the nucleus of an academic movement that quickly drew the attention of thinktanks, industry, and governments, the field has expanded to surrounding areas such as management of information security, privacy, and, more recently, cybercrime, all studied from an interdisciplinary angle by combining methods from microeconomics, econometrics, qualitative social sciences, behavioral sciences, and experimental economics. This book is structured in four parts, reflecting the main areas: management of information security, economics of information security, economics of privacy, and economics of cybercrime. Each individual contribution documents, discusses, and advances the state of the art concerning its specific research questions. It will be of value to academics and practitioners in the related fields.

Security Risk Management

Building an Information Security Risk Management Program from the Ground Up

Author: Evan Wheeler

Publisher: Elsevier

ISBN: 9781597496162

Category: Computers

Page: 360

View: 1569

DOWNLOAD NOW »
Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques that will be used on a daily basis, while also explaining the fundamentals so students understand the rationale behind these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks. This book will help you to break free from the so-called best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program. This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs. Named a 2011 Best Governance and ISMS Book by InfoSec Reviews Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk Presents a roadmap for designing and implementing a security risk management program

Security Metrics Management

Measuring the Effectiveness and Efficiency of a Security Program

Author: Gerald L. Kovacich,Edward Halibozek

Publisher: Butterworth-Heinemann

ISBN: 0128045000

Category: Business & Economics

Page: 306

View: 6999

DOWNLOAD NOW »
Security Metrics Management, Measuring the Effectiveness and Efficiency of a Security Program, Second Edition details the application of quantitative, statistical, and/or mathematical analyses to measure security functional trends and workload, tracking what each function is doing in terms of level of effort (LOE), costs, and productivity. This fully updated guide is the go-to reference for managing an asset protection program and related security functions through the use of metrics. It supports the security professional’s position on budget matters, helping to justify the cost-effectiveness of security-related decisions to senior management and other key decision-makers. The book is designed to provide easy-to-follow guidance, allowing security professionals to confidently measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, build budgets, and provide trend analyses to develop a more efficient and effective asset protection program. Examines the latest techniques in both generating and evaluating security metrics, with guidance for creating a new metrics program or improving an existing one Features an easy-to-read, comprehensive implementation plan for establishing an asset protection program Outlines detailed strategies for creating metrics that measure the effectiveness and efficiency of an asset protection program Offers increased emphasis through metrics to justify security professionals as integral assets to the corporation Provides a detailed example of a corporation briefing for security directors to provide to executive management

Information Security Management with ITIL®

Author: Jacques A. Cazemier,Paul Overbeek,Louk Peters

Publisher: Van Haren

ISBN: 9087535538

Category: Education

Page: 146

View: 3855

DOWNLOAD NOW »
This groundbreaking new title looks at Information Security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. It covers: Fundamentals of information security – providing readers insight and give background about what is going to be managed. Topics covered include: types of security controls, business benefits and the perspectives of business, customers, partners, service providers, and auditors. Fundamentals of management of information security - explains what information security management is about and its objectives. Details are also given on implementing the process and the continuous effort required to maintain its quality. ITIL V3 and Information Security Management - shows the links with the other ITIL processes. Shows how integrating the Information Security Management activities into existing processes and activities not only supports efficiencies but ultimately is the key way to achieve effective Information Security Management. Implementing Information Security Management - gives practical advice how to put Information Security Management into practice. From awareness in the organization via documentation required to maturity models; this guidance describes best practices for realizing Information Security Management.