Information Security Management Principles

Author: Andy Taylor

Publisher: BCS, The Chartered Institute for IT

ISBN: 9781780171784

Category: Business & Economics

Page: 208

View: 9226

In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. The second edition includes the security of cloud-based resources and the contents have been revised to reflect the changes to the BCS Certification in Information Security Management Principles which the book supports.

ISO27001/ISO27002: Ein Taschenführer

Author: Alan Calder

Publisher: IT Governance Ltd

ISBN: 1849289093

Category: Computers

Page: N.A

View: 8142

Protect your organization's information with ISO27001:2013. Information is one of your organization's most important resources, and its security is vital to your business. This practical pocket guide provides a basic overview of the two most important information security standards, covering the formal requirements (ISO27001:2013) for creating an information security management system (ISMS) and the best-practice recommendations (ISO27002:2013) for all those who have to introduce, implement or manage one. An ISMS based on ISO27001/ISO27002 offers numerous benefits: Improve your efficiency through information security systems and procedures that let you concentrate on your core business. Protect your information assets against a range of cyber threats, criminal activity, insider threats and system failures. Manage your risks systematically and create plans to eliminate or reduce cyber threats. Detect threats or process errors earlier and fix them faster. The next step towards certification? You can have an independent audit of your ISMS carried out against the specifications of ISO27001 and, if it confirms the conformity of your ISMS, possibly obtain accredited certification. We publish a range of toolkits and books on ISMS (such as "Nine Steps to Success") that support you in this.
Contents: The ISO/IEC 27000 family of information security standards; Background to the standards; Difference between specification and guidance; Certification process; The ISMS and ISO27001; Overview of ISO/IEC 27001:2013; Overview of ISO/IEC 27002:2013; Documents and records; Management responsibility; Process approach and PDCA cycle; Context, policy and scope; Risk assessment; The Statement of Applicability; Implementation; Review and action; Management review; ISO27001 Annex A. About the author: Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, analysis and consulting company that helps businesses manage IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. This practical pocket guide provides a basic overview of the two most important information security standards: buy it today and learn how to protect your organization's most valuable asset.

Principles of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1337102067

Category: Computers

Page: 656

View: 7014

Master the latest technology and developments from the field with the book specifically oriented to the needs of those learning information systems -- PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this bestseller emphasizes all aspects of information security, rather than just the technical control perspective. Readers gain a broad overview of the entire field of information security and related elements with the detail to ensure understanding. The book highlights terms used in the field and a history of the discipline as readers learn how to manage an information security program. This edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making this the ideal IS resource for business decision makers. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Management of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 130550125X

Category: Computers

Page: 592

View: 9267

Readers discover a managerially-focused overview of information security with a thorough treatment of how to most effectively administer it with MANAGEMENT OF INFORMATION SECURITY, 5E. Information throughout helps readers become information security management practitioners able to secure systems and networks in a world where continuously emerging threats, ever-present attacks, and the success of criminals illustrate the weaknesses in current information technologies. Current and future professional managers complete this book with the exceptional blend of skills and experiences to develop and manage the more secure computing environments that today’s organizations need. This edition offers a tightened focus on key executive and managerial aspects of information security while still emphasizing the important foundational material to reinforce key concepts. Updated content reflects the most recent developments in the field, including NIST, ISO, and security governance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Information Security Management: Global Challenges in the New Millennium

Author: Dhillon, Gurpreet

Publisher: IGI Global

ISBN: 9781930708860

Category: Computers

Page: 364

View: 3503

Information security is moving much higher up the agenda of corporate concerns. If information is our most important asset, then we must gird ourselves up for the task of protecting it properly. Information Security Management: Global Challenges in the New Millennium focuses on aspects of information security planning, evaluation, design and implementation.

Practical Information Security Management

A Complete Guide to Planning and Implementation

Author: Tony Campbell

Publisher: Apress

ISBN: 1484216857

Category: Computers

Page: 237

View: 2652

Create appropriate, security-focused business propositions that consider the balance between cost, risk, and usability, while starting your journey to become an information security manager. Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks. Practical Information Security Management provides a wealth of practical advice for anyone responsible for information security management in the workplace, focusing on the ‘how’ rather than the ‘what’. Together we’ll cut through the policies, regulations, and standards to expose the real inner workings of what makes a security management program effective, covering the full gamut of subject matter pertaining to security management: organizational structures, security architectures, technical controls, governance frameworks, and operational security. This book was not written to help you pass your CISSP, CISM, or CISMP or become a PCI-DSS auditor. It won’t help you build an ISO 27001 or COBIT-compliant security management system, and it won’t help you become an ethical hacker or digital forensics investigator – there are many excellent books on the market that cover these subjects in detail. Instead, this is a practical book that offers years of real-world experience in helping you focus on getting the job done. What You Will Learn: Learn the practical aspects of being an effective information security manager; strike the right balance between cost and risk; take security policies and standards and make them work in reality; leverage complex security functions, such as Digital Forensics, Incident Response and Security Architecture. Who This Book Is For: Anyone who wants to make a difference in offering effective security management for their business.
You might already be a security manager seeking insight into areas of the job that you’ve not looked at before, or you might be a techie or risk guy wanting to switch into this challenging new career. Whatever your career goals are, Practical Security Management has something to offer you.

Information Security Management Handbook, Fourth Edition

Author: Harold F. Tipton

Publisher: CRC Press

ISBN: 1482292289

Category: Computers

Page: 640

View: 9242

The runaway growth of computer viruses and worms and the ongoing nuisance posed by malicious hackers and employees who exploit the security vulnerabilities of open network protocols make the tightness of an organization's security system an issue of prime importance. And information systems technology is advancing at a frenetic pace. Against this background, the challenges facing information security professionals are increasing rapidly. Information Security Management Handbook, Fourth Edition, Volume 2 is an essential reference for anyone involved in the security of information systems.

Information Security and Employee Behaviour

How to Reduce Risk Through Employee Education, Training and Awareness

Author: Angus McIlwraith

Publisher: Gower Publishing, Ltd.

ISBN: 9780566086472

Category: Business & Economics

Page: 169

View: 805

Angus McIlwraith's book explains how corporate culture affects perceptions of risk and information security, and how this in turn affects employee behaviour. He then provides a very pragmatic solution involving strategies and techniques for educating and training employees in information security and explains how different metrics can be used to assess awareness and behaviour.

Die globale Überwachung

Der Fall Snowden, die amerikanischen Geheimdienste und die Folgen

Author: Glenn Greenwald

Publisher: Droemer eBook

ISBN: 3426425165

Category: Political Science

Page: 320

View: 8979

Already in his first articles on the NSA affair, Glenn Greenwald brought to light the full extent of mass surveillance in the digital age. His reporting, for which he was awarded the Pulitzer Prize, triggered a political earthquake internationally. In his book, Greenwald uses a wealth of explosive secret documents from the archive of whistleblower Edward Snowden to expose the illegal practices of the American intelligence services. Everything and everyone is spied on; the population is under collective suspicion. Freedom of expression is suppressed in the name of security, and there is no privacy any more, anywhere.

Roadmap to Information Security: For IT and Infosec Managers

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1435480309

Category: Computers

Page: 400

View: 4412

ROADMAP TO INFORMATION SECURITY: FOR IT AND INFOSEC MANAGERS provides a solid overview of information security and its relationship to the information needs of an organization. Content is tailored to the unique needs of information systems professionals who find themselves brought in to the intricacies of information security responsibilities. The book is written for a wide variety of audiences looking to step up to emerging security challenges, ranging from students to experienced professionals. This book is designed to guide the information technology manager in dealing with the challenges associated with the security aspects of their role, providing concise guidance on assessing and improving an organization's security. The content helps IT managers to handle an assignment to an information security role in ways that conform to expectations and requirements, while supporting the goals of the manager in building and maintaining a solid information security program. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Principles of Information Security, Loose-Leaf Version

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: N.A

ISBN: 9781337685757

Category: Computers

Page: N.A

View: 483

Master the latest technology and developments from the field with the book specifically oriented to the needs of information systems students like you -- PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this bestseller emphasizes all aspects of information security, rather than just a technical control perspective. You receive a broad overview of the entire field of information security and related elements with the detail to ensure understanding. You review terms used in the field and a history of the discipline as you learn how to manage an information security program. Current and relevant, this edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making this the ideal IS resource for business decision makers.

A Guide To The Project Management Body Of Knowledge (Pmbok(r) Guide) (German)

Author: N.A

Publisher: N.A

ISBN: 9781628251883

Category: Business & Economics

Page: 756

View: 3735

The PMBOK(R) Guide - Sixth Edition - PMI's flagship publication has been updated to reflect the latest good practices in project management. New to the Sixth Edition, each knowledge area will contain a section entitled Approaches for Agile, Iterative and Adaptive Environments, describing how these practices integrate in project settings. It will also contain more emphasis on strategic and business knowledge--including discussion of project management business documents--and information on the PMI Talent Triangle(TM) and the essential skills for success in today's market.

Hacken für Dummies

Author: Kevin Beaver

Publisher: John Wiley & Sons

ISBN: 3527805001

Category: Computers

Page: 370

View: 3789

Do you fear for your company data? Do you worry about your IT systems when you read yet again that unknown hackers have paralysed a company for weeks? Don't wait until it happens in your systems too; do something! This book will help you. First put yourself in the role of the villain and learn to think like a criminal! Where are the hurdles lowest? What basic hacking techniques are there? Kevin Beaver shows you where your systems could be vulnerable, so that you stay ahead in the race for IT security.

Netzwerke für Dummies

Author: Doug Lowe

Publisher: John Wiley & Sons

ISBN: 3527815430

Category: Computers

Page: 510

View: 703

Do you want to set up a network? Make your files easily accessible to a colleague? Share the printer with the whole family? Give all employees access to the customer database? This book helps you with the installation, configuration and administration of your first network, regardless of whether you are setting up a home network or starting out professionally as a system administrator. First clarify a few basic questions: LAN or WLAN? Which operating system? And then it is time to get on the network: put the printer on the network, set up user accounts, configure the mail and web server. And of course the book also covers cloud computing, the integration of mobile devices, network security and virtual machines.

Information Security

Principles and Practices

Author: Mark S. Merkow,Jim Breithaupt

Publisher: Pearson IT Certification

ISBN: 0133589633

Category: Computers

Page: 368

View: 5801

Information Security: Principles and Practices, Second Edition. Everything You Need to Know About Modern Computer Security, in One Book. Clearly explains all facets of information security in all 10 domains of the latest Information Security Common Body of Knowledge [(ISC)² CBK]. Thoroughly updated for today’s challenges, technologies, procedures, and best practices. The perfect resource for anyone pursuing an IT security career. Fully updated for the newest technologies and best practices, Information Security: Principles and Practices, Second Edition thoroughly covers all 10 domains of today’s Information Security Common Body of Knowledge. Two highly experienced security practitioners have brought together all the foundational knowledge you need to succeed in today’s IT and business environments. They offer easy-to-understand, practical coverage of topics ranging from security management and physical security to cryptography and application development security. This edition fully addresses new trends that are transforming security, from cloud services to mobile applications, “Bring Your Own Device” (BYOD) strategies to today’s increasingly rigorous compliance requirements. Throughout, you’ll find updated case studies, review questions, and exercises–all designed to reveal today’s real-world IT security challenges and help you overcome them.
Learn how to -- Recognize the evolving role of IT security -- Identify the best new opportunities in the field -- Discover today’s core information security principles of success -- Understand certification programs and the CBK -- Master today’s best practices for governance and risk management -- Architect and design systems to maximize security -- Plan for business continuity -- Understand the legal, investigatory, and ethical requirements associated with IT security -- Improve physical and operational security -- Implement effective access control systems -- Effectively utilize cryptography -- Improve network and Internet security -- Build more secure software -- Define more effective security policies and standards -- Preview the future of information security

Die Kunst der Täuschung

Author: Kevin D. Mitnick,William Simon

Publisher: MITP-Verlags GmbH & Co. KG

ISBN: 3826686896

Category: Computers

Page: 416

View: 1891

Mitnick introduces the reader to the thinking and methods of social engineering, describes concrete fraud scenarios and impressively shows the dramatic consequences that result from them. In doing so, Mitnick takes the perspective of both the attacker and the victim, thereby explaining very impressively why the deception was so successful, and how one can effectively protect against it.

Managing Information Assurance in Financial Services

Author: Rao, H.R.

Publisher: IGI Global

ISBN: 1599041731

Category: Computers

Page: 346

View: 2460

"This book provides high-quality research papers and industrial practice articles about information security in the financial service industry. It provides insight into current information security measures, including: technology, processes, and compliance from some of the leading researchers and practitioners in the field"--Provided by publisher.

Information Security Risk Management

Risikomanagement mit ISO/IEC 27001, 27005 und 31010

Author: Sebastian Klipper

Publisher: Springer-Verlag

ISBN: 3658087749

Category: Computers

Page: 198

View: 8971

The book brings together all the facts on risk management, links them with other sources of information and frames them with many practical tips, 38 figures and tables and 14 case studies. For anyone who wants to work with ISO/IEC 27005, an uncommented look at the standard is not enough. The ISO/IEC 27000 series of standards has grown considerably in recent years and it is hard to keep track. This book is aimed at use in practice and is addressed to anyone who wants to base their decisions on a sound risk analysis. Additional features for smartphones: 40 QR codes with editorially maintained links take you with your smartphone directly from the book to the Internet. This way you get from the book page to the matching web page without typing. In this way, the advantages of book and Internet are available to you at any time. In addition, the author is available as a contact on his Facebook page and in his blog "Klipper on Security".

NETWORK SECURITY AND MANAGEMENT

Author: BRIJENDRA SINGH

Publisher: PHI Learning Pvt. Ltd.

ISBN: 8120344979

Category: Computers

Page: 420

View: 2546

Written in an easy-to-understand style, this textbook, now in its third edition, continues to discuss in detail important concepts and major developments in network security and management. It is designed for a one-semester course for undergraduate students of Computer Science, Information Technology, and undergraduate and postgraduate students of Computer Applications. Students are first exposed to network security principles, organizational policy and security infrastructure, and then drawn into some of the deeper issues of cryptographic algorithms and protocols underlying network security applications. Encryption methods, secret key and public key cryptography, digital signature and other security mechanisms are emphasized. Smart card, biometrics, virtual private networks, trusted operating systems, pretty good privacy, database security, and intrusion detection systems are comprehensively covered. An in-depth analysis of technical issues involved in security management, risk management and security and law is presented. In the third edition, two new chapters—one on Information Systems Security and the other on Web Security—and many new sections such as digital signature, Kerberos, public key infrastructure, software security and electronic mail security have been included. Additional matter has also been added in many existing sections. KEY FEATURES : Extensive use of block diagrams throughout helps explain and clarify the concepts discussed. About 250 questions and answers at the end of the book facilitate fruitful revision of the topics covered. Includes a glossary of important terms.