Cargando…
Information security : a practical guide : bridging the gap between IT and management /
Covering everything from your first day at work as an information security professional to developing and implementing enterprise-wide information security processes, this book explains the basics of information security, and how to explain them to management and others so that security risks can be...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Ely, Cambridgeshire, United Kingdom :
It Governance Publishing,
2015.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_ocn928751206 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 151111s2015 enk o 000 0 eng d | ||
| 040 | |a UMI |b eng |e rda |e pn |c UMI |d OCLCO |d OCLCF |d OCLCO |d COO |d OCLCO |d OCLCQ |d OCLCO |d D6H |d LIV |d VT2 |d OCLCA |d CEF |d WYU |d UAB |d UX1 |d BRF |d OCLCO |d OCLCQ |d SFB |d QGK | ||
| 019 | |a 1175627442 |a 1259251223 | ||
| 020 | |a 9781849287401 | ||
| 020 | |a 1849287406 | ||
| 020 | |a 9781849287418 |q (e-book) | ||
| 020 | |a 1849287414 |q (e-book) | ||
| 020 | |a 1849287422 | ||
| 020 | |a 9781849287425 | ||
| 029 | 1 | |a GBVCP |b 897170504 | |
| 035 | |a (OCoLC)928751206 |z (OCoLC)1175627442 |z (OCoLC)1259251223 | ||
| 037 | |a CL0500000670 |b Safari Books Online | ||
| 050 | 4 | |a HF5548.37 | |
| 082 | 0 | 4 | |a 658.478 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Mooney, Tom, |e author. | |
| 245 | 1 | 0 | |a Information security : |b a practical guide : bridging the gap between IT and management / |c Tom Mooney. |
| 246 | 3 | 0 | |a Bridging the gap between IT and management |
| 264 | 1 | |a Ely, Cambridgeshire, United Kingdom : |b It Governance Publishing, |c 2015. | |
| 300 | |a 1 online resource (1 volume) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Online resource; title from title page (Safari, viewed November 6, 2015). | |
| 520 | |a Covering everything from your first day at work as an information security professional to developing and implementing enterprise-wide information security processes, this book explains the basics of information security, and how to explain them to management and others so that security risks can be appropriately addressed. Topics covered include: how to understand the security culture of the organization; getting to know the organisation and building relationships with key personnel; how to identify gaps in the organisation's security set-up; the impact of compromise on the organization; identifying, categorising and prioritising risks; the five levels of risk appetite and how to apply risk treatments via security controls; understanding the threats facing your organisation and how to communicate them; how to raise security awareness and engage with specific peer groups; system mapping and documentation (including control boundaries and where risks exist). -- |c Edited summary from book. | ||
| 505 | 0 | |a Cover; Title; Copyright; Contents; Chapter 1: Day One as a Security Professional; Chapter Overview; Objectives; Your First Day; Confidentiality, Integrity and Availability (CIA); Getting to Know the Business; Key IT Personnel; What is the Security Culture?; Identifying the Gaps in Security; Chapter 2: Business Impact of Breaches; Chapter Overview; Objectives; How to Assess the Impact; Data Types; Impacts; Reputational Damage; Personal Impact; Contractual Impact; Financial Impact; Legal Impacts; Chapter 3: Business Risk Appetite; Chapter Overview; Objectives; Risk Appetite; Risk Treatments | |
| 505 | 8 | |a Chapter 4: ThreatsChapter Overview; Objectives; Types of Threats; Hackers; Malware Writers; Script Kiddies; Journalists; Criminals; Physical Intruder; Researchers; Hacktivists; Disgruntled Employees; Chapter 5: Quick and Dirty Risk Assessment; Chapter Overview; Objectives; Identifying Risks; Defining the Risk Level; Risk Table; Realigning the Risk Level; Chapter 6: Getting Buy-in From Your Peers; Chapter Overview; Objectives; Points of Contact with your Peers; How to Engage with your Peers; Chapter 7: Documenting the System For Everyone; Chapter Overview; Objectives; Setting the Scene | |
| 505 | 8 | |a EntitiesService Overview; Adding Boundaries; Showing Information Flow; Adding the Threats; Chapter 8: Mapping Data in the System; Chapter Overview; Objectives; Mapping Data; Chapter 9: Penetration Testing; Chapter Overview; Objectives; Types of Penetration Test; Scoping the test; Trusting the Testers; Implementing Fixes; Chapter 10: Information Security Policy; Chapter Overview; Objectives; The Advantages of Security Policies; Giving Your Policies Teeth; Key Security Policies; Ways of Ensuring Your Policy is Read; ITG Resources | |
| 546 | |a English. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Business |x Data processing |x Security measures. | |
| 650 | 0 | |a Information technology |x Security measures. | |
| 650 | 0 | |a Computer security. | |
| 650 | 2 | |a Computer Security | |
| 650 | 6 | |a Gestion |x Informatique |x Sécurité |x Mesures. | |
| 650 | 6 | |a Technologie de l'information |x Sécurité |x Mesures. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 7 | |a Business |x Data processing |x Security measures. |2 fast |0 (OCoLC)fst00842307 | |
| 650 | 7 | |a Computer security. |2 fast |0 (OCoLC)fst00872484 | |
| 650 | 7 | |a Information technology |x Security measures. |2 fast |0 (OCoLC)fst00973129 | |
| 776 | 0 | 8 | |i Print version: |a Mooney, Tom. |t Information security : a practical guide : bridging the gap between it and management. |d Cambridgeshire, England : IT Governance Publishing, ©2015 |h 116 pages |z 9781849287401 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781849287418/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 994 | |a 92 |b IZTAP | ||