Information Security Handbook

Implement information security effectively as per your organization’s needs.
Preview in Mapt
Code Files

Information Security Handbook

Darren Death

Implement information security effectively as per your organization’s needs.

Quick links: > What will you learn?> Table of content

Mapt Subscription
FREE
$29.99/m after trial
eBook
$5.00
RRP $35.99
Save 86%
Print + eBook
$44.99
RRP $44.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$5.00
$44.99
$29.99 p/m after trial
RRP $35.99
RRP $44.99
Subscription
eBook
Print + eBook
Start 14 Day Trial

Frequently bought together


Information Security Handbook Book Cover
Information Security Handbook
$ 35.99
$ 5.00
Network Vulnerability Assessment Book Cover
Network Vulnerability Assessment
$ 35.99
$ 5.00
Buy 2 for $10.00
Save $61.98
Add to Cart

Book Details

ISBN 139781788478830
Paperback330 pages

Book Description

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book starts with the concept of information security and shows you why it’s important.

It then moves on to modules such as threat modeling, risk management, and mitigation. It also covers the concepts of incident response systems, information rights management, and more. Moving on, it guides you to build your own information security framework as the best fit for your organization. Toward the end, you’ll discover some best practices that can be implemented to make your security framework strong.

By the end of this book, you will be well-versed with all the factors involved in information security, which will help you build a security framework that is a perfect fit your organization’s requirements.

Table of Contents

Chapter 1: Information and Data Security Fundamentals
Information security challenges
Evolution of cybercrime
The modern role of information security
Organizational information security assessment
Risk management
Information security standards
Policies
Training
Summary
Chapter 2: Defining the Threat Landscape
What is important to your organization and who wants it?
Hackers and hacking
Closing information system vulnerabilities
Vulnerability management
Summary
Chapter 3: Preparing for Information and Data Security
Establishing an information security program
Information security policies
Recommended operational policies
Summary
Chapter 4: Information Security Risk Management
What is risk?
Who owns organizational risk?
Where is your valuable data?
Performing a quick risk assessment
Risk management is an organization-wide activity
Security control selection
Security control implementation
Assessing implemented security controls
Authorizing information systems to operate
Monitoring information system security controls
Calculating risk
Summary
Chapter 5: Developing Your Information and Data Security Plan
Determine your information security program objectives
Elements for a successful information security program
Helping to guarantee success
Key information security program plan elements
Defining enforcement authority
Pulling it all together
Summary
Chapter 6: Continuous Testing and Monitoring
Types of technical testing
SDLC considerations for testing
Continuous monitoring
Vulnerability assessment
Penetration testing
Difference between vulnerability assessment and penetration testing
Examples of successful attacks in the news
Summary
Chapter 7: Business Continuity/Disaster Recovery Planning
Scope of BCDR plan
Designing the BCDR plan
Requirements and context gathering – business impact assessment
Define technical disasters recovery mechanisms
Develop your plan
Test the BCDR plan
Summary
Chapter 8: Incident Response Planning
Do I need an incident response plan?
Components of an incident response plan
Preparing the incident response plan
Identification – detection and analysis
Identification – incident response tools
Remediation – containment/recovery/mitigation
Remediation - incident response tools
Post incident activity
Summary
Chapter 9: Developing a Security Operations Center
Responsibilities of the SOC
Management of security operations center tools
Security operation center toolset design
Security operations center roles
Processes and procedures
Security operations center tools
Summary
Chapter 10: Developing an Information Security Architecture Program
Information security architecture and SDLC/SELC
Conducting an initial information security analysis
Developing a security architecture advisement program
Summary
Chapter 11: Cloud Security Consideration
Cloud computing characteristics
Cloud computing service models
Cloud computing deployment models
Cloud computing management models
Cloud computing special consideration
Summary
Chapter 12: Information and Data Security Best Practices
Information security best practices
Application security
Network security
Summary

What You Will Learn

  • Develop your own information security framework
  • Build your incident response mechanism
  • Discover cloud security considerations
  • Get to know the system development life cycle
  • Get your security operation center up and running
  • Know the various security testing types
  • Balance security as per your business needs
  • Implement information security best practices

Authors

Table of Contents

Chapter 1: Information and Data Security Fundamentals
Information security challenges
Evolution of cybercrime
The modern role of information security
Organizational information security assessment
Risk management
Information security standards
Policies
Training
Summary
Chapter 2: Defining the Threat Landscape
What is important to your organization and who wants it?
Hackers and hacking
Closing information system vulnerabilities
Vulnerability management
Summary
Chapter 3: Preparing for Information and Data Security
Establishing an information security program
Information security policies
Recommended operational policies
Summary
Chapter 4: Information Security Risk Management
What is risk?
Who owns organizational risk?
Where is your valuable data?
Performing a quick risk assessment
Risk management is an organization-wide activity
Security control selection
Security control implementation
Assessing implemented security controls
Authorizing information systems to operate
Monitoring information system security controls
Calculating risk
Summary
Chapter 5: Developing Your Information and Data Security Plan
Determine your information security program objectives
Elements for a successful information security program
Helping to guarantee success
Key information security program plan elements
Defining enforcement authority
Pulling it all together
Summary
Chapter 6: Continuous Testing and Monitoring
Types of technical testing
SDLC considerations for testing
Continuous monitoring
Vulnerability assessment
Penetration testing
Difference between vulnerability assessment and penetration testing
Examples of successful attacks in the news
Summary
Chapter 7: Business Continuity/Disaster Recovery Planning
Scope of BCDR plan
Designing the BCDR plan
Requirements and context gathering – business impact assessment
Define technical disasters recovery mechanisms
Develop your plan
Test the BCDR plan
Summary
Chapter 8: Incident Response Planning
Do I need an incident response plan?
Components of an incident response plan
Preparing the incident response plan
Identification – detection and analysis
Identification – incident response tools
Remediation – containment/recovery/mitigation
Remediation - incident response tools
Post incident activity
Summary
Chapter 9: Developing a Security Operations Center
Responsibilities of the SOC
Management of security operations center tools
Security operation center toolset design
Security operations center roles
Processes and procedures
Security operations center tools
Summary
Chapter 10: Developing an Information Security Architecture Program
Information security architecture and SDLC/SELC
Conducting an initial information security analysis
Developing a security architecture advisement program
Summary
Chapter 11: Cloud Security Consideration
Cloud computing characteristics
Cloud computing service models
Cloud computing deployment models
Cloud computing management models
Cloud computing special consideration
Summary
Chapter 12: Information and Data Security Best Practices
Information security best practices
Application security
Network security
Summary

Book Details

ISBN 139781788478830
Paperback330 pages
Read More

Read More Reviews

Recommended for You

Network Vulnerability Assessment Book Cover
Network Vulnerability Assessment
$ 35.99
$ 5.00
Microsoft System Center 2012 Endpoint Protection Cookbook Book Cover
Microsoft System Center 2012 Endpoint Protection Cookbook
$ 26.99
$ 5.00
Advanced Infrastructure Penetration Testing Book Cover
Advanced Infrastructure Penetration Testing
$ 39.99
$ 5.00
Security Automation with Ansible 2 Book Cover
Security Automation with Ansible 2
$ 35.99
$ 5.00
Python for Continuous Delivery and Application Security [Video] Book Cover
Python for Continuous Delivery and Application Security [Video]
$ 124.99
$ 5.00
SQL Server 2016 Advanced Security and Administration [Video] Book Cover
SQL Server 2016 Advanced Security and Administration [Video]
$ 124.99
$ 5.00