Cargando…
The security risk assessment handbook : a complete guide for performing security risk assessments /
Conducted properly, information security risk assessments provide managers with the feedback needed to manage risk through the understanding of threats to corporate assets, determination of current control vulnerabilities, and appropriate safeguards selection. Performed incorrectly, they can provide...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Boca Raton :
CRC Press,
2021.
|
| Edición: | Third edition. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_on1263026980 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 210807t20212021flu ob 001 0 eng d | ||
| 010 | |a 2021762347 | ||
| 040 | |a EBLCP |b eng |e rda |e pn |c EBLCP |d YDXIT |d OCLCO |d TYFRS |d OCLCF |d UKMGB |d TYFRS |d UKAHL |d OCLCQ |d OCLCO |d UBY |d OCLCO |d YDX |d OCLCQ |d DLC |d SFB |d OCLCQ |d ORMDA | ||
| 015 | |a GBC1A3196 |2 bnb | ||
| 016 | 7 | |a 020242246 |2 Uk | |
| 019 | |a 1380747519 | ||
| 020 | |a 9781000413250 |q (electronic book) | ||
| 020 | |a 100041325X |q (electronic book) | ||
| 020 | |a 9781003090441 |q (electronic bk.) | ||
| 020 | |a 1003090443 |q (electronic bk.) | ||
| 020 | |a 9781000413205 |q (electronic bk. ; |q PDF) | ||
| 020 | |a 1000413209 |q (electronic bk. ; |q PDF) | ||
| 020 | |z 9780367547479 |q (hbk.) | ||
| 020 | |z 9781032041650 |q (pbk.) | ||
| 024 | 7 | |a 10.1201/9781003090441 |2 doi | |
| 029 | 1 | |a AU@ |b 000069953511 | |
| 029 | 1 | |a UKMGB |b 020242246 | |
| 035 | |a (OCoLC)1263026980 |z (OCoLC)1380747519 | ||
| 037 | |a 9781003090441 |b Taylor & Francis | ||
| 037 | |a 9781000413250 |b O'Reilly Media | ||
| 050 | 4 | |a HF5548.37 |b .L358 2021eb | |
| 072 | 7 | |a BUS |x 033070 |2 bisacsh | |
| 072 | 7 | |a BUS |x 041000 |2 bisacsh | |
| 072 | 7 | |a COM |x 043050 |2 bisacsh | |
| 072 | 7 | |a UTF |2 bicssc | |
| 082 | 0 | 4 | |a 658.47 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Landoll, Douglas J., |e author. | |
| 245 | 1 | 4 | |a The security risk assessment handbook : |b a complete guide for performing security risk assessments / |c Douglas J. Landoll. |
| 250 | |a Third edition. | ||
| 264 | 1 | |a Boca Raton : |b CRC Press, |c 2021. | |
| 264 | 4 | |c ©2021 | |
| 300 | |a 1 online resource (515 pages) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 504 | |a Includes bibliographical references and index. | ||
| 588 | 0 | |a Online resource; title from digital title page (viewed on September 21, 2021). | |
| 520 | |a Conducted properly, information security risk assessments provide managers with the feedback needed to manage risk through the understanding of threats to corporate assets, determination of current control vulnerabilities, and appropriate safeguards selection. Performed incorrectly, they can provide the false sense of security that allows potential threats to develop into disastrous losses of proprietary information, capital, and corporate value. Picking up where its bestselling predecessors left off, The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Third Edition gives you detailed instruction on how to conduct a security risk assessment effectively and efficiently, supplying wide-ranging coverage that includes security risk analysis, mitigation, and risk assessment reporting. The third edition has expanded coverage of essential topics, such as threat analysis, data gathering, risk analysis, and risk assessment methods, and added coverage of new topics essential for current assessment projects (e.g., cloud security, supply chain management, and security risk assessment methods). This handbook walks you through the process of conducting an effective security assessment, and it provides the tools, methods, and up-to-date understanding you need to select the security measures best suited to your organization. Trusted to assess security for small companies, leading organizations, and government agencies, including the CIA, NSA, and NATO, Douglas J. Landoll unveils the little-known tips, tricks, and techniques used by savvy security professionals in the field. It includes features on how to Better negotiate the scope and rigor of security assessments Effectively interface with security assessment teams Gain an improved understanding of final report recommendations Deliver insightful comments on draft reports This edition includes detailed guidance on gathering data and analyzes over 200 administrative, technical, and physical controls using the RIIOT data gathering method; introduces the RIIOT FRAME (risk assessment method), including hundreds of tables, over 70 new diagrams and figures, and over 80 exercises; and provides a detailed analysis of many of the popular security risk assessment methods in use today. The companion website (infosecurityrisk.com) provides downloads for checklists, spreadsheets, figures, and tools. | ||
| 545 | 0 | |a Douglas Landoll has over two decades of information security experience. He has led security risk assessments and established security programs for top corporations and government agencies. He is an expert in security risk assessment, security risk management, security criteria, and building corporate security programs. His background includes evaluating security at the National Security Agency (NSA), North Atlantic Treaty Organization (NATO), Central Intelligence Agency (CIA), and other government agencies; co-founding the Arca Common Criteria Testing Laboratory, co-authoring the systems security engineering capability maturity model (SSE-CMM); teaching at NSA's National Cryptologic School; and running the southwest security services division for Exodus Communications. Doug is currently the CEO of Lantego, specializing in risk assessment, policy and training. He is a certified information systems security professional (CISSP) and certified information systems auditor (CISA). He holds a BS degree from James Madison University and an MBA from the University of Texas at Austin. He has published numerous information security articles, speaks regularly at conferences, and serves as an advisor for several high-tech companies. | |
| 505 | 0 | |a Chapter 1 Introduction -- chapter 2 Information Security Risk Assessment Basics -- chapter 3 Project Definition -- chapter 4 Security Risk Assessment Preparation -- chapter 5 Data Gathering -- chapter 6 Administrative Data Gathering -- chapter 7 Technical Data Gathering -- chapter 8 Physical Data Gathering -- chapter 9 Security Risk Analysis -- chapter 10 Security Risk Analysis Worked Examples -- chapter 11 Security Risk Mitigation -- chapter 12 Security Risk Assessment Reporting -- chapter 13 Security Risk Assessment Project Management -- chapter 14 Security Risk Assessment Approaches. | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Business |x Data processing |x Security measures. | |
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Data protection. | |
| 650 | 0 | |a Risk assessment. | |
| 650 | 2 | |a Computer Security | |
| 650 | 2 | |a Risk Assessment | |
| 650 | 6 | |a Gestion |x Informatique |x Sécurité |x Mesures. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Protection de l'information (Informatique) | |
| 650 | 6 | |a Évaluation du risque. | |
| 650 | 7 | |a risk assessment. |2 aat | |
| 650 | 7 | |a BUSINESS & ECONOMICS |x Insurance |x Risk Assessment & Management. |2 bisacsh | |
| 650 | 7 | |a BUSINESS & ECONOMICS |x Management. |2 bisacsh | |
| 650 | 7 | |a COMPUTERS |x Networking |x Security. |2 bisacsh | |
| 650 | 7 | |a Business |x Data processing |x Security measures. |2 fast |0 (OCoLC)fst00842307 | |
| 650 | 7 | |a Computer security. |2 fast |0 (OCoLC)fst00872484 | |
| 650 | 7 | |a Data protection. |2 fast |0 (OCoLC)fst00887958 | |
| 650 | 7 | |a Risk assessment. |2 fast |0 (OCoLC)fst01098146 | |
| 776 | 0 | 8 | |i Print version: |a Landoll, Douglas. |t Security Risk Assessment Handbook. |d Milton : Taylor & Francis Group, ©2021 |z 9780367547479 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781000413250/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH38320934 | ||
| 938 | |a YBP Library Services |b YANK |n 17353198 | ||
| 938 | |a Askews and Holts Library Services |b ASKH |n AH38320935 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6688894 | ||
| 994 | |a 92 |b IZTAP | ||