The Cyber Security Handbook - Prepare for, Respond to and Recover from Cyber Attacks

Mostrar otras versiones (1)

This book is a comprehensive cyber security implementation manual which gives practical guidance on the individual activities identified in the IT Governance Cyber Resilience Framework (CRF) that can help organisations become cyber resilient and combat the cyber threat landscape. Start your cyber se...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Calder, Alan
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Ely : IT Governance Ltd, 2020.
Temas:
Computer security > Handbooks, manuals, etc.
Sécurité informatique > Guides, manuels, etc.
Computer security
Handbooks and manuals
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover
  • Title
  • Copyright
  • About the Author
  • Contents
  • Part 1: Introduction
  • Chapter 1: The threat landscape
  • Chapter 2: Information and cyber security
  • Chapter 3: Cyber resilience
  • Chapter 4: Regulatory and contractual requirements
  • 4.1 International data privacy laws
  • 4.2 Cyber security requirements for critical infrastructure
  • 4.3 Contractual requirements
  • Chapter 5: Implementing cyber security
  • 5.1 Making trade-offs
  • 5.2 Three security pillars
  • 5.3 The IT Governance Cyber Resilience Framework (CRF)
  • 5.4 Structure of the book
  • Part 2: Threats and vulnerabilities
  • Chapter 6: The anatomy of threats
  • Chapter 7: Technical threats
  • 7.1 The attackers
  • 7.2 Malware
  • 7.3 Technical threat example: TalkTalk data breach
  • Chapter 8: Human threats
  • 8.1 Staff awareness
  • 8.2 Social engineering
  • 8.3 Remote working
  • 8.4 Human threat example: WannaCry
  • Chapter 9: Physical threats
  • 9.1 Physical entry threats
  • 9.2 Physical security and mobile devices
  • 9.3 Environmental threats
  • 9.4 Physical threat example: KVM attacks
  • Chapter 10: Third-party threats
  • 10.1 Supply chain threats
  • 10.2 Third-party threat example: Target data breach
  • Part 3: The CRF processes
  • Chapter 11: An overview of the CRF processes
  • Chapter 12: Manage and protect
  • 12.1 Asset management
  • 12.2 Information security policies
  • 12.3 Physical and environmental security
  • 12.4 Identity and access control
  • 12.5 Malware protection
  • 12.6 Configuration and patch management
  • 12.7 Encryption
  • 12.8 System security
  • 12.9 Network and communications security
  • 12.10 Security competence and training
  • 12.11 Staff awareness training
  • 12.12 Comprehensive risk management programme
  • 12.13 Supply chain risk management
  • Chapter 13: Identify and detect
  • 13.1 Threat and vulnerability intelligence
  • 13.2 Security monitoring
  • Chapter 14: Respond and recover
  • 14.1 Incident response management
  • 14.2 ICT continuity management
  • 14.3 Business continuity management
  • Chapter 15: Govern and assure
  • 15.1 Formal information security management programme
  • 15.2 Continual improvement process
  • 15.3 Board-level commitment and involvement
  • 15.4 Governance structure and processes
  • 15.5 Internal audit
  • 15.6 External certification/validation
  • Chapter 16: Maturity levels
  • 16.1 Determining the level of maturity to aim for
  • Part 4: Eight steps to implementing cyber security
  • Chapter 17: Introducing the IT Governance eight-step approach
  • Chapter 18: Step 1
  • Start the project
  • 18.1 Project mandate
  • 18.2 Project team
  • 18.3 Project leadership
  • Chapter 19: Step 2
  • Determine requirements and objectives
  • 19.1 Project vs cyber security objectives
  • Chapter 20: Step 3
  • Determine the scope
  • Chapter 21: Step 4
  • Define current and ideal target states
  • Using the CRF
  • Gap analysis
  • Chapter 22: Step 5
  • Establish a continual improvement model
  • Chapter 23: Step 6
  • Conduct a risk assessment

Ejemplares similares