Verfügbarkeit: Cybersecurity readiness

Cybersecurity readiness: a holistic and high-performance approach

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Chatterjee, Dave (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Los Angeles ; London ; New Delhi Sage [2021]
Schlagworte:	Unternehmen Risikomanagement Computersicherheit
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	xxvii, 308 Seiten Illustrationen
ISBN:	9781071837337

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV047264634
003	DE-604
005	20210726
007	t
008	210503s2021 a\|\|\| \|\|\|\| 00\|\|\| eng d
020			\|a 9781071837337 \|9 978-1-0718-3733-7
035			\|a (OCoLC)1244249393
035			\|a (DE-599)BVBBV047264634
040			\|a DE-604 \|b ger \|e rda
041	0		\|a eng
049			\|a DE-355
084			\|a QP 345 \|0 (DE-625)141866: \|2 rvk
100	1		\|a Chatterjee, Dave \|e Verfasser \|0 (DE-588)1234557681 \|4 aut
245	1	0	\|a Cybersecurity readiness \|b a holistic and high-performance approach \|c Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University
264		1	\|a Los Angeles ; London ; New Delhi \|b Sage \|c [2021]
300			\|a xxvii, 308 Seiten \|b Illustrationen
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650	0	7	\|a Unternehmen \|0 (DE-588)4061963-1 \|2 gnd \|9 rswk-swf
650	0	7	\|a Risikomanagement \|0 (DE-588)4121590-4 \|2 gnd \|9 rswk-swf
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
689	0	0	\|a Unternehmen \|0 (DE-588)4061963-1 \|D s
689	0	1	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0	2	\|a Risikomanagement \|0 (DE-588)4121590-4 \|D s
689	0		\|C b \|5 DE-604
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, EPUB \|z 978-1-0718-3734-4
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, EPUB \|z 978-1-0718-3734-4
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe, PDF \|z 978-1-0718-3736-8
856	4	2	\|m Digitalisierung UB Regensburg - ADAM Catalogue Enrichment \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032668425&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-032668425

Datensatz im Suchindex

_version_	1804182416654336000
adam_text	Contents Preface xi Foreword xiii Endorsements xv Acknowledgments xxiii About the Author xxvii Chapter 1 Introduction: The Challenge of Cybersecurity 1 Chapter 2 The Cyberattack Epidemic 5 2.1 Expanding Hardware and Software Attack Surfaces 6 2.2 The Human Vulnerability Factor 8 2.3 Growing Attack Vectors 2.3.1 Malware Types 2.3.2 Malware Distribution Methods and Channels 2.4 Nature and Extent of Impact Chapter 3 Breach Incidents and Lessons Learned 10 10 13 21 29 3.1 The Capital One Breach That Exposed 100 Million Applicants and Customer Information 29 3.2 British Airways Ordered to Pay a Record Fine of $230 Million 31 3.3 Target Retail Chain Experiences an External Intrusion That Compromised Millions of Customers’ Data 33 3.4 Adult Friend Finder Site Breach Exposes Millions of Customer Records 34 3.5 Three Billion Yahoo User Accounts Compromised 35 3.6 Equifax Data Breach Exposes Millions of Customers’ Data 37 3.7 Adobe Breach Exposes 38 Million Customer Records 38 3.8 Anthem Breach Affects 78.8 Million People 40 Chapter 4 Foundations of the High-Performance Information Security Culture Framework 49 4.1 Organizational Culture and Firm Performance 49 4.2 Organizational Culture and Cybersecurity 50 4.3 High-Reliability Organizational Culture Traits 52 Chapter 5 Commitment 59 5.1 Hands-On Top Management 61 5.2 We-Are-in-lt-Together Culture 63 5.3 Cross-Functional Participation 64 5.4 Sustainable Budget 67 5.5 Strategic Alignment and Partnerships 68 5.6 Joint Ownership and Accountability 70 5.7 Empowerment 72 Chapter 6 Preparedness 6.1 Identify 6.1.1 Organizational Role Recognition 6.1.2 Cyber-Risk Assessment 6.1.3 Asset Identification and Prioritization 6.2 Protect 6.2.1 Access Control 6.2.2 Configuration Management 6.2.3 Securing Email Clients and WebBrowsers 6.2.4 Securing Networks, Ports, Protocols,and Services 6.2.5 Managing Removable Media 6.2.6 Data Security 6.2.7 Data Backup and Retention 6.2.8 Asset Maintenance 6.2.9 Awareness and Training 77 78 78 81 86 90 91 96 98 100 102 102 110 112 113 6.3 Detect 120 6.4 Respond and Recover 125 6.4.1 Incident Response Capability 6.4.2 Disaster Recovery Planning 126 128 Chapter 7 Discipline 139 7.1 Information Security Governance Policy 139 7.2 Communications and Enforcement of Policies 142 7.3 Continuous Monitoring 143 7.4 Continuous Performance Assessment and Improvement 146 7.5 Security Audits and Drills 148 7.6 Penetration Testing and Red Team Exercises 151 Chapter 8 Key Messages and Actionable Recommendations 8.1 Commitment 8.1.1 Hands-On Top Management 8.1.2 “We-Are-in-lt-Together” Culture 8.1.3 Cross-Functional Participation 8.1.4 Sustainable Budget 8.1.5 Strategic Alignment and Partnership 8.1.6 Joint Ownership and Accountability 8.1.7 Empowerment 8.2 Preparedness 8.2.1 8.2.2 8.2.3 8.2.4 Risk-Based Asset Identification and Prioritization Securing Sensitive Data and Related Digital Assets Detecting Threats and Attacks Responding and Recovering from Breach Incidents 155 155 155 155 156 156 156 157 157 157 158 159 163 163 8.3 Discipline 164 8.3.1 8.3.2 8.3.3 8.3.4 8.3.5 8.3.6 Information Security Governance Policy Communication and Enforcement of Policies Continuous Monitoring Continuous Performance Assessment and Improvement Security Audits and Drills Penetration Testing and Red Team Exercises 164 164 164 165 165 165 Information Security Monitoring Controls 167 Appendix 1 Appendix 2 Cybersecurity Performance Measures 175 Appendix ЗА Cybersecurity Readiness Scorecard: Commitment 177 Appendix 3B Cybersecurity Readiness Scorecard: Preparedness 183 Appendix ЗС Cybersecurity Readiness Scorecard: Discipline 199 Appendix 4 Cybersecurity and Privacy Laws and Regulations 205 Appendix 5 Physical, Technical, and Administrative Controls: A Representative List 227 Appendix 6 Case Studies 235 Case Study 1. Target’s Debit/Credit Card Data Breach 237 Case Study 2. BangladeshBank’s Cyber Heist 249 ** Case Study 3. Ashley Madison Security Breach 269 Case Study 4. Yoti and Responsible Cybersecurity Innovation 279 Cybersecurity Resources 291 Index 297
adam_txt	Contents Preface xi Foreword xiii Endorsements xv Acknowledgments xxiii About the Author xxvii Chapter 1 Introduction: The Challenge of Cybersecurity 1 Chapter 2 The Cyberattack Epidemic 5 2.1 Expanding Hardware and Software Attack Surfaces 6 2.2 The Human Vulnerability Factor 8 2.3 Growing Attack Vectors 2.3.1 Malware Types 2.3.2 Malware Distribution Methods and Channels 2.4 Nature and Extent of Impact Chapter 3 Breach Incidents and Lessons Learned 10 10 13 21 29 3.1 The Capital One Breach That Exposed 100 Million Applicants and Customer Information 29 3.2 British Airways Ordered to Pay a Record Fine of $230 Million 31 3.3 Target Retail Chain Experiences an External Intrusion That Compromised Millions of Customers’ Data 33 3.4 Adult Friend Finder Site Breach Exposes Millions of Customer Records 34 3.5 Three Billion Yahoo User Accounts Compromised 35 3.6 Equifax Data Breach Exposes Millions of Customers’ Data 37 3.7 Adobe Breach Exposes 38 Million Customer Records 38 3.8 Anthem Breach Affects 78.8 Million People 40 Chapter 4 Foundations of the High-Performance Information Security Culture Framework 49 4.1 Organizational Culture and Firm Performance 49 4.2 Organizational Culture and Cybersecurity 50 4.3 High-Reliability Organizational Culture Traits 52 Chapter 5 Commitment 59 5.1 Hands-On Top Management 61 5.2 "We-Are-in-lt-Together" Culture 63 5.3 Cross-Functional Participation 64 5.4 Sustainable Budget 67 5.5 Strategic Alignment and Partnerships 68 5.6 Joint Ownership and Accountability 70 5.7 Empowerment 72 Chapter 6 Preparedness 6.1 Identify 6.1.1 Organizational Role Recognition 6.1.2 Cyber-Risk Assessment 6.1.3 Asset Identification and Prioritization 6.2 Protect 6.2.1 Access Control 6.2.2 Configuration Management 6.2.3 Securing Email Clients and WebBrowsers 6.2.4 Securing Networks, Ports, Protocols,and Services 6.2.5 Managing Removable Media 6.2.6 Data Security 6.2.7 Data Backup and Retention 6.2.8 Asset Maintenance 6.2.9 Awareness and Training 77 78 78 81 86 90 91 96 98 100 102 102 110 112 113 6.3 Detect 120 6.4 Respond and Recover 125 6.4.1 Incident Response Capability 6.4.2 Disaster Recovery Planning 126 128 Chapter 7 Discipline 139 7.1 Information Security Governance Policy 139 7.2 Communications and Enforcement of Policies 142 7.3 Continuous Monitoring 143 7.4 Continuous Performance Assessment and Improvement 146 7.5 Security Audits and Drills 148 7.6 Penetration Testing and Red Team Exercises 151 Chapter 8 Key Messages and Actionable Recommendations 8.1 Commitment 8.1.1 Hands-On Top Management 8.1.2 “We-Are-in-lt-Together” Culture 8.1.3 Cross-Functional Participation 8.1.4 Sustainable Budget 8.1.5 Strategic Alignment and Partnership 8.1.6 Joint Ownership and Accountability 8.1.7 Empowerment 8.2 Preparedness 8.2.1 8.2.2 8.2.3 8.2.4 Risk-Based Asset Identification and Prioritization Securing Sensitive Data and Related Digital Assets Detecting Threats and Attacks Responding and Recovering from Breach Incidents 155 155 155 155 156 156 156 157 157 157 158 159 163 163 8.3 Discipline 164 8.3.1 8.3.2 8.3.3 8.3.4 8.3.5 8.3.6 Information Security Governance Policy Communication and Enforcement of Policies Continuous Monitoring Continuous Performance Assessment and Improvement Security Audits and Drills Penetration Testing and Red Team Exercises 164 164 164 165 165 165 Information Security Monitoring Controls 167 Appendix 1 Appendix 2 Cybersecurity Performance Measures 175 Appendix ЗА Cybersecurity Readiness Scorecard: Commitment 177 Appendix 3B Cybersecurity Readiness Scorecard: Preparedness 183 Appendix ЗС Cybersecurity Readiness Scorecard: Discipline 199 Appendix 4 Cybersecurity and Privacy Laws and Regulations 205 Appendix 5 Physical, Technical, and Administrative Controls: A Representative List 227 Appendix 6 Case Studies 235 Case Study 1. Target’s Debit/Credit Card Data Breach 237 Case Study 2. BangladeshBank’s Cyber Heist 249 ** Case Study 3. Ashley Madison Security Breach 269 Case Study 4. Yoti and Responsible Cybersecurity Innovation 279 Cybersecurity Resources 291 Index 297
any_adam_object	1
any_adam_object_boolean	1
author	Chatterjee, Dave
author_GND	(DE-588)1234557681
author_facet	Chatterjee, Dave
author_role	aut
author_sort	Chatterjee, Dave
author_variant	d c dc
building	Verbundindex
bvnumber	BV047264634
classification_rvk	QP 345
ctrlnum	(OCoLC)1244249393 (DE-599)BVBBV047264634
discipline	Wirtschaftswissenschaften
discipline_str_mv	Wirtschaftswissenschaften
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01894nam a2200397 c 4500</leader><controlfield tag="001">BV047264634</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20210726 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">210503s2021 a\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781071837337</subfield><subfield code="9">978-1-0718-3733-7</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1244249393</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV047264634</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-355</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">QP 345</subfield><subfield code="0">(DE-625)141866:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Chatterjee, Dave</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1234557681</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cybersecurity readiness</subfield><subfield code="b">a holistic and high-performance approach</subfield><subfield code="c">Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Los Angeles ; London ; New Delhi</subfield><subfield code="b">Sage</subfield><subfield code="c">[2021]</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xxvii, 308 Seiten</subfield><subfield code="b">Illustrationen</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Unternehmen</subfield><subfield code="0">(DE-588)4061963-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Unternehmen</subfield><subfield code="0">(DE-588)4061963-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="C">b</subfield><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, EPUB</subfield><subfield code="z">978-1-0718-3734-4</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, EPUB</subfield><subfield code="z">978-1-0718-3734-4</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe, PDF</subfield><subfield code="z">978-1-0718-3736-8</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Regensburg - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032668425&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-032668425</subfield></datafield></record></collection>
id	DE-604.BV047264634
illustrated	Illustrated
index_date	2024-07-03T17:12:14Z
indexdate	2024-07-10T09:07:12Z
institution	BVB
isbn	9781071837337
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-032668425
oclc_num	1244249393
open_access_boolean
owner	DE-355 DE-BY-UBR
owner_facet	DE-355 DE-BY-UBR
physical	xxvii, 308 Seiten Illustrationen
publishDate	2021
publishDateSearch	2021
publishDateSort	2021
publisher	Sage
record_format	marc
spelling	Chatterjee, Dave Verfasser (DE-588)1234557681 aut Cybersecurity readiness a holistic and high-performance approach Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University Los Angeles ; London ; New Delhi Sage [2021] xxvii, 308 Seiten Illustrationen txt rdacontent n rdamedia nc rdacarrier Unternehmen (DE-588)4061963-1 gnd rswk-swf Risikomanagement (DE-588)4121590-4 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Unternehmen (DE-588)4061963-1 s Computersicherheit (DE-588)4274324-2 s Risikomanagement (DE-588)4121590-4 s b DE-604 Erscheint auch als Online-Ausgabe, EPUB 978-1-0718-3734-4 Erscheint auch als Online-Ausgabe, PDF 978-1-0718-3736-8 Digitalisierung UB Regensburg - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032668425&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Chatterjee, Dave Cybersecurity readiness a holistic and high-performance approach Unternehmen (DE-588)4061963-1 gnd Risikomanagement (DE-588)4121590-4 gnd Computersicherheit (DE-588)4274324-2 gnd
subject_GND	(DE-588)4061963-1 (DE-588)4121590-4 (DE-588)4274324-2
title	Cybersecurity readiness a holistic and high-performance approach
title_auth	Cybersecurity readiness a holistic and high-performance approach
title_exact_search	Cybersecurity readiness a holistic and high-performance approach
title_exact_search_txtP	Cybersecurity readiness a holistic and high-performance approach
title_full	Cybersecurity readiness a holistic and high-performance approach Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University
title_fullStr	Cybersecurity readiness a holistic and high-performance approach Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University
title_full_unstemmed	Cybersecurity readiness a holistic and high-performance approach Dave Chatterjee, Ph.D., Associate Professor, MIS Department, Terry College of Business, The University of Georgia, Visiting Professor, Pratt School of Engineering, Duke University
title_short	Cybersecurity readiness
title_sort	cybersecurity readiness a holistic and high performance approach
title_sub	a holistic and high-performance approach
topic	Unternehmen (DE-588)4061963-1 gnd Risikomanagement (DE-588)4121590-4 gnd Computersicherheit (DE-588)4274324-2 gnd
topic_facet	Unternehmen Risikomanagement Computersicherheit
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032668425&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT chatterjeedave cybersecurityreadinessaholisticandhighperformanceapproach

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge