E-Book, Englisch, 445 Seiten, eBook
Reihe: Computer Science
Lincke Information Security Planning
2. Auflage 2024
ISBN: 978-3-031-43118-0
Verlag: Springer International Publishing
Format: PDF
Kopierschutz: 1 - PDF Watermark
A Practical Approach
E-Book, Englisch, 445 Seiten, eBook
Reihe: Computer Science
ISBN: 978-3-031-43118-0
Verlag: Springer International Publishing
Format: PDF
Kopierschutz: 1 - PDF Watermark
This book demonstrates how information security requires a deep understanding of an organization's assets, threats and processes, combined with the technology that can best protect organizational security. It provides step-by-step guidance on how to analyze business processes from a security perspective, while also introducing security concepts and techniques to develop the requirements and design for security technologies. This interdisciplinary book is intended for business and technology audiences, at student or experienced levels.
Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation and security standards. This international edition covers Payment Card Industry Data Security Standard (PCI DSS), American security regulation, and European GDPR. Developing a risk profile helps to estimate the potential costs that an organization may be prone to, including how much should be spent on security controls.
Security planning then includes designing information security, as well as network and physical security, incident response and metrics. Business continuity considers how a business may respond to the loss of IT service. Optional areas that may be applicable include data privacy, cloud security, zero trust, secure software requirements and lifecycle, governance, introductory forensics, and ethics.
This book targets professionals in business, IT, security, software development or risk. This text enables computer science, information technology, or business students to implement a case study for an industry of their choosing.
.
Zielgruppe
Upper undergraduate
Autoren/Hrsg.
Weitere Infos & Material
Part. I. The Problem of SecurityChapter. 1. Security Awareness: Brave New WorldChapter. 2. Combatting FraudChapter. 3. Complying with the PCI DSS StandardPart. II. Strategic Security PlanningChapter. 4. Managing RiskChapter. 5. Addressing Business Impact Analysis and Business ContinuityChapter. 6. Governing: Policy, Maturity Models and PlanningPart. III. Tactical Security PlanningChapter. 7. Designing Information SecurityChapter. 8. Planning for Network SecurityChapter. 9. Designing Physical SecurityChapter. 10. Attending to Information PrivacyChapter. 11. Planning for Alternative Networks: Cloud Security and Zero TrustChapter. 12. Organizing Personnel SecurityPart. IV. Planning for Detect, Respond, RecoverChapter. 13. Planning for Incident ResponseChapter. 14. Defining Security MetricsChapter. 15. Performing an Audit or Security TestChapter. 16. Preparing for Forensic AnalysisPart. V. Complying with National Regulations and EthicsChapter. 17. Complying with the European Union General Data Protection Regulation (GDPR)Chapter. 18. Complying with U.S. Security RegulationsChapter. 19. Complying with HIPAA and HITECHChapter. 20. Maturing Ethical RiskPart. VI. Developing Secure SoftwareChapter. 21. Understanding Software Threats and VulnerabilitiesChapter. 22. Defining a Secure Software ProcessChapter. 23. Planning for Secure Software Requirements and Design with UML
