Information Security Handbook: Enhance Your Proficiency in Information Security Program Development
Information Security Handbook is a practical guide that’ll empower you to take effective actions in securing your organization’s assets. Whether you are an experienced security professional seeking to refine your skills or someone new to the field looking to build a strong foundation, this book is d...
| Other authors: | |
|---|---|
| Format: | E-book |
| Language: | English |
| Published: | Birmingham, England : Packt Publishing Ltd [2023] |
| Edition: | Second edition |
| Subjects: | |
| View in Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009781239106719 |
Table of Contents:
- Cover
- Title Page
- Copyright and Credits
- Dedicated
- Contributors
- Table of Contents
- Preface
- Chapter 1: Information and Data Security Fundamentals
- Introduction
- Information security challenges
- Evolution of cybercrime
- The modern role of information security
- Information technology security engineering
- Information assurance
- The CIA triad
- Organizational information security assessment
- Risk management
- Information security standards
- Information security policies
- Information security training
- Summary
- Chapter 2: Defining the Threat Landscape
- Understanding the organizational context
- Threats
- Phishing attacks
- Ransomware
- Malware
- Distributed denial-of-service attacks
- Insider threats
- Advanced Persistent Threats
- Social engineering attacks
- Supply chain attacks
- Hackers and hacking
- White hat/ethical hacker
- Black hat hacker
- Gray hat hacker
- Blue hat hacker
- Script kiddie
- Hacktivist
- Nation-state attacker
- Penetration testing
- Cybercrime
- Exploits
- Hacker techniques
- Closing information system vulnerabilities
- Vulnerability management
- Summary
- Chapter 3: Laying a Foundation for Information and Data Security
- Developing a comprehensive information security program
- Leveraging existing frameworks instead of building from scratch
- Essential factors for information security program success
- Aligning information security with the organization's mission
- Optimizing information security measures for your organization
- Enhancing security through comprehensive awareness and training programs
- Building information security into the SDLC/SELC process
- Understanding and enhancing your information security program maturity
- Information security policies
- Information security program policy
- Enterprise information security policies
- Information security system-specific policy
- Planning policy
- Access controls policy
- Awareness and training policy
- Auditing and accountability policy
- Configuration management policy
- Contingency planning policy
- Identification and authentication policy
- Incident response policy
- Maintenance policy
- Media protection policy
- Personnel security policy
- Physical and environmental protection policy
- Risk assessment policy
- Assessment, authorization, and monitoring policy
- System and communications protection policy
- System and information integrity policy
- Systems and services acquisitions policy
- Personally identifiable information policy
- Supply chain risk management policy
- Summary
- Chapter 4: Information Security Risk Management
- What is information security risk?
- Understanding the ownership and management of information security risk
- Identifying and protecting your organization's valuable data
- Conducting a quick risk assessment
- Risk management is an organizational-wide activity
- The life cycle of risk management in information security
- Information classification and its importance in information security
- Steps in the data classification process
- Determining information assets
- Finding information in the environment
- Organizing information into categories
- Valuing information
- Establishing impact
- Security control selection
- Security control implementation
- Assessing implemented security controls
- Authorizing information systems to operate
- Monitoring information system security controls
- Calculating risk - a comprehensive look at qualitative and quantitative risk assessments
- Qualitative risk analysis - subjective evaluation of threats
- Quantitative risk analysis - objective measurements and calculations
- Identifying threats and choosing the right approach
- Identifying your organization's vulnerabilities
- Pairing threats with vulnerabilities
- Estimating likelihood
- Estimating impact
- Conducting the risk assessment
- Exploring management approaches to risk
- Quantitative analysis
- Summary
- Chapter 5: Developing Your Information and Data Security Plan
- Determining your information security program objectives
- Foundational information security activities to consider
- Successful information security program elements
- Rightsizing your information security program
- Compliance requirements
- Is your organization centralized or decentralized?
- Business risk appetite
- Organizational maturity
- Principles to guarantee the success of your information security program
- Business alignment
- Communication strategies
- Information security program plan elements
- Developing an information security program strategy
- Establishing key initiatives
- Defining roles and responsibilities
- Establishing enforcement areas
- Summary
- Chapter 6: Continuous Testing and Monitoring
- Types of technical testing
- SDLC considerations for testing
- Project initiation
- Requirements analysis
- System design
- System implementation
- System testing
- Operations and maintenance
- Disposition
- SDLC summary
- Continuous monitoring
- Information security assessment automation
- Effectively reporting information security metrics
- Alerting to information security weaknesses
- Vulnerability assessment
- Vulnerability scanning process
- Vulnerability resolution
- Penetration testing
- Phases of a penetration test
- Difference between vulnerability assessments and penetration testing
- Summary
- Chapter 7: Business Continuity/Disaster Recovery Planning
- Introduction to BCDR
- Integrating BC planning and DR planning
- Scope of a BCDR plan
- Focus areas for BCDR planning
- Designing a BCDR plan
- Requirements and context gathering - BIA
- Inputs to the BIA
- Outputs from the BIA
- Sample BIA form
- Defining technical DR mechanisms
- Identifying and documenting required resources
- Conducting a gap analysis
- Developing DR mechanisms
- Developing your plan
- Testing the BCDR plan
- Summary
- Chapter 8: Incident Response Planning
- What is an IRP?
- Do I need an IRP?
- Components of an IRP
- Preparation of an IRP
- Understanding what is important
- Prioritization
- Determining what normal network activity looks like
- Observe, orient, decide, and act
- Incident response procedure development
- Identification - detection and analysis
- Identification - incident response tools
- Observational technical tools
- Orientation tools
- Decision tools
- Remediation - containment/recovery/mitigation
- Remediation - incident response tools
- Act (response) tools
- Post-incident activity
- Remediation - root cause analysis
- Lessons-learned sessions
- IRP testing
- Summary
- Chapter 9: Developing a Security Operations Center
- What is a SOC?
- What are the responsibilities of the SOC?
- Management of SOC tools
- SOC toolset design
- Using already implemented toolsets
- SOC roles
- Log/information aggregation
- Log/information analysis
- Processes and procedures
- Identification - detection and analysis
- Remediation - containment/eradication/recovery
- SOC tools
- Benefits of a SOC - in-house and MSSP
- Summary
- Chapter 10: Developing an Information Security Architecture Program
- What is information security architecture?
- Information security architecture and SDLC/SELC
- Initiation phase
- Requirement analysis phase
- Design phase
- Implementation phase
- Testing phase
- Operations and maintenance phase
- Disposition phase
- Conducting an initial information security analysis
- Purpose and description of the information system
- Determining compliance requirements
- Documenting key information system and project roles
- Defining the expected user types
- Documenting interface requirements
- Documenting external information systems access
- Conducting a business impact assessment (BIA)
- Conducting information categorization
- Developing a security architecture advisement program
- Information security architecture process
- Example information security architecture process
- Architecture special considerations
- Summary
- Chapter 11: Cloud Security Considerations
- Importance of cloud computing
- Cloud computing characteristics
- Cloud computing service models
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- Cloud computing deployment models
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Cloud computing management models
- Managed service providers
- Cloud service providers
- Special considerations for cloud computing
- Cloud computing data security
- Identification, authentication, and authorization in the cloud
- Monitoring and logging considerations
- Security automation considerations
- Secure application development considerations
- Summary
- Chapter 12: Zero Trust Architecture in Information Security
- Zero Trust and its principles
- The history of Zero Trust
- Importance of Zero Trust in cybersecurity
- Shifting from traditional perimeter-based security
- The pillars of Zero Trust
- Identity pillar
- Devices
- Networks
- Applications and Workloads
- Data
- Summary
- Chapter 13: Third-Party and Supply Chain Security
- Understanding C-SCRM and its importance
- The challenges in managing supply chain cybersecurity risks
- The risks associated with supply chains