Cargando…
Executive's Cybersecurity Program Handbook A Comprehensive Guide to Building and Operationalizing a Complete Cybersecurity Program /
Develop strategic plans for building cybersecurity programs and prepare your organization for compliance investigations and audits Key Features Get started as a cybersecurity executive and design an infallible security program Perform assessments and build a strong risk management framework Promote...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham :
Packt Publishing, Limited,
2023.
|
| Edición: | 1st edition. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a22000007a 4500 | ||
|---|---|---|---|
| 001 | OR_on1371143447 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||||||| | ||
| 008 | 230225s2023 enk o 000 0 eng d | ||
| 040 | |a EBLCP |b eng |c EBLCP |d ORMDA |d OCLCF |d LANGC |d IEEEE |d OCLCQ |d OCLCO | ||
| 020 | |a 9781804616741 | ||
| 020 | |a 1804616745 | ||
| 035 | |a (OCoLC)1371143447 | ||
| 037 | |a 9781804619230 |b O'Reilly Media | ||
| 037 | |a 10162132 |b IEEE | ||
| 050 | 4 | |a QA76.9.A25 | |
| 082 | 0 | 4 | |a 005.8 |2 23/eng/20230307 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Brown, Jason, |e author. | |
| 245 | 1 | 0 | |a Executive's Cybersecurity Program Handbook |h [electronic resource] : |b A Comprehensive Guide to Building and Operationalizing a Complete Cybersecurity Program / |c Jason Brown. |
| 250 | |a 1st edition. | ||
| 260 | |a Birmingham : |b Packt Publishing, Limited, |c 2023. | ||
| 300 | |a 1 online resource (232 p.) | ||
| 500 | |a Description based upon print version of record. | ||
| 505 | 0 | |a Cover -- Title Page -- Copyright and Credits -- Dedication -- Contributors -- Table of Contents -- Preface -- Part 1 -- Getting Your Program Off the Ground -- Chapter 1: The First 90 Days -- Getting executive buy-in -- Budget or no budget? -- Vision statements -- Mission statements -- Program charters -- Purpose -- Scope -- Responsibilities -- Those responsible for the charter -- The pillars of your cybersecurity program -- Summary -- References -- Chapter 2: Choosing the Right Cybersecurity Framework -- What is a cybersecurity framework? -- Types of cybersecurity frameworks | |
| 505 | 8 | |a Examining security as a checkbox -- Understanding continual improvement -- Selecting the right framework -- The framework used in this book -- Summary -- References -- Chapter 3: Cybersecurity Strategic Planning through the Assessment Process -- Developing your cybersecurity strategy -- Who should perform the assessment? -- Preparing for the assessment -- Drafting an engagement letter -- Project initiation and information gathering -- Performing the assessment -- Wrapping up the assessment -- Administrative review of policy documents using the NIST CSF -- A technical review using the CIS controls | |
| 505 | 8 | |a Understanding the current and future state of your program -- Developing goals -- The exit interview -- Summary -- References -- Part 2 -- Administrative Cybersecurity Controls -- Chapter 4: Establishing Governance through Policy -- The importance of governance -- The importance of policy documents -- Exploring PSPs -- Policies -- Standards -- Procedures -- Policy workflow -- Getting executive sign-off for policy documents -- Creating new policies -- Reviewing policies -- Building a framework layout -- Exploring policy objectives -- Summary -- References -- Chapter 5: The Security Team | |
| 505 | 8 | |a The need for more security professionals -- Applying NIST NICE framework to your organization -- Exploring cybersecurity roles -- Cybersecurity analysts -- Cybersecurity engineers -- Cybersecurity architects -- Cybersecurity compliance specialists -- Head of security -- Exploring cybersecurity architectural frameworks -- SABSA -- TOGAF -- OSA -- Staffing -- insourcing versus outsourcing -- Structuring the cybersecurity team -- Summary -- References -- Chapter 6: Risk Management -- Why do we need risk management? -- Exploring IT risks -- Human -- Technology -- Environmental -- The NIST RMF | |
| 505 | 8 | |a Tier 1 -- organizational risk -- Tier 2 -- mission/business process -- Tier 3 -- information systems -- Applying risk management to IT resources -- Categorize -- Select -- Implement -- Assess -- Authorize -- Monitor -- Documenting in the SSP -- What is a risk register? -- Driving to a resolution -- Summary -- References -- Chapter 7: Incident Response -- NIST incident response methodology -- Preparation -- Detection and analysis -- Containment, eradication, and recovery -- Post-incident activity -- Incident response playbooks -- Train like we fight -- Walk-through exercises -- Tabletop exercises | |
| 500 | |a Live action exercises | ||
| 520 | |a Develop strategic plans for building cybersecurity programs and prepare your organization for compliance investigations and audits Key Features Get started as a cybersecurity executive and design an infallible security program Perform assessments and build a strong risk management framework Promote the importance of security within the organization through awareness and training sessions Book Description Ransomware, phishing, and data breaches are major concerns affecting all organizations as a new cyber threat seems to emerge every day, making it paramount to protect the security of your organization and be prepared for potential cyberattacks. This book will ensure that you can build a reliable cybersecurity framework to keep your organization safe from cyberattacks. This Executive's Cybersecurity Program Handbook explains the importance of executive buy-in, mission, and vision statement of the main pillars of security program (governance, defence, people and innovation). You'll explore the different types of cybersecurity frameworks, how they differ from one another, and how to pick the right framework to minimize cyber risk. As you advance, you'll perform an assessment against the NIST Cybersecurity Framework, which will help you evaluate threats to your organization by identifying both internal and external vulnerabilities. Toward the end, you'll learn the importance of standard cybersecurity policies, along with concepts of governance, risk, and compliance, and become well-equipped to build an effective incident response team. By the end of this book, you'll have gained a thorough understanding of how to build your security program from scratch as well as the importance of implementing administrative and technical security controls. What you will learn Explore various cybersecurity frameworks such as NIST and ISO Implement industry-standard cybersecurity policies and procedures effectively to minimize the risk of cyberattacks Find out how to hire the right talent for building a sound cybersecurity team structure Understand the difference between security awareness and training Explore the zero-trust concept and various firewalls to secure your environment Harden your operating system and server to enhance the security Perform scans to detect vulnerabilities in software Who this book is for This book is for you if you are a newly appointed security team manager, director, or C-suite executive who is in the transition stage or new to the information security field and willing to empower yourself with the required knowledge. As a Cybersecurity professional, you can use this book to deepen your knowledge and understand your organization's overall security posture. Basic knowledge of information security or governance, risk, and compliance is required. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Business |x Data processing. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Gestion |x Informatique. | |
| 650 | 7 | |a Business |x Data processing |2 fast | |
| 650 | 7 | |a Computer security |2 fast | |
| 776 | 0 | 8 | |i Print version: |a Brown, Jason |t Executive's Cybersecurity Program Handbook |d Birmingham : Packt Publishing, Limited,c2023 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781804619230/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL30386750 | ||
| 994 | |a 92 |b IZTAP | ||