Information security handbook : develop a threat model and incident response strategy to build a strong information security framework
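Main author: | Death, Darren |
---|---|
Format: | Electronic E-Book |
Language: | English |
Published: | Birmingham, UK : Packt Publishing, 2017. |
Subjects: | Computer networks -- Security measures; Information technology -- Security measures; Information technology -- Management; Industries -- Security measures |
Online access: | Full text |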
Summary: | Implement information security effectively as per your organization's needs. About This Book: Learn to build your own information security framework, the best fit for your organization; build on the concepts of threat modeling, incident response, and security analysis; practical use cases and best practices for information security. Who This Book Is For: This book is for security analysts and professionals who deal with security mechanisms in an organization. If you are looking for an end-to-end guide on information security and risk analysis with no prior knowledge of this domain, then this book is for you. What You Will Learn: Develop your own information security framework; build your incident response mechanism; discover cloud security considerations; get to know the system development life cycle; get your security operation center up and running; know the various security testing types; balance security as per your business needs; implement information security best practices. In Detail: Having an information security mechanism is one of the most crucial factors for any organization. Important assets of an organization demand proper risk management and a threat model for security, and so information security concepts are gaining a lot of traction. This book starts with the concept of information security and shows you why it's important. It then moves on to modules such as threat modeling, risk management, and mitigation. It also covers the concepts of incident response systems, information rights management, and more. Moving on, it guides you to build your own information security framework as the best fit for your organization. Toward the end, you'll discover some best practices that can be implemented to make your security framework strong. By the end of this book, you will be well-versed with all the factors involved in information security, which will help you build a security framework that is a perfect fit for your organization's requirements. Style and approach: This book takes a practical approach, walking you through information security fundamentals, along with information security best practices. |
Description: | 1 online resource : illustrations |
Bibliography: | Includes bibliographical references and index. |
ISBN: | 9781788473262 1788473264 |
Internal format
MARC
LEADER | 00000cam a2200000 i 4500 | ||
---|---|---|---|
001 | ZDB-4-EBA-on1019827284 | ||
003 | OCoLC | ||
005 | 20241004212047.0 | ||
006 | m o d | ||
007 | cr unu|||||||| | ||
008 | 180117s2017 enka ob 001 0 eng d | ||
040 | |a UMI |b eng |e rda |e pn |c UMI |d STF |d OCLCF |d TOH |d N$T |d CEF |d KSU |d DEBBG |d TEFOD |d UKAHL |d YDXIT |d QGK |d OCLCQ |d OCLCO |d NZAUC |d OCLCQ |d OCLCO |d DXU | ||
020 | |a 9781788473262 |q (electronic book) | ||
020 | |a 1788473264 |q (electronic book) | ||
020 | |z 9781788478830 | ||
035 | |a (OCoLC)1019827284 | ||
037 | |a CL0500000930 |b Safari Books Online | ||
037 | |a 0E7DD186-25DD-4616-93E2-16E399B9BFDF |b OverDrive, Inc. |n http://www.overdrive.com | ||
050 | 4 | |a TK5105.59 |b .D43 2017 | |
072 | 7 | |a COM |x 043050 |2 bisacsh | |
082 | 7 | |a 005.8 |2 23 | |
049 | |a MAIN | ||
100 | 1 | |a Death, Darren, |e author. | |
245 | 1 | 0 | |a Information security handbook : |b develop a threat model and incident response strategy to build a strong information security framework / |c Darren Death. |
264 | 1 | |a Birmingham, UK : |b Packt Publishing, |c 2017. | |
300 | |a 1 online resource : |b illustrations | ||
336 | |a text |b txt |2 rdacontent | ||
337 | |a computer |b c |2 rdamedia | ||
338 | |a online resource |b cr |2 rdacarrier | ||
504 | |a Includes bibliographical references and index. | ||
520 | |a Implement information security effectively as per your organization's needs. About This Book Learn to build your own information security framework, the best fit for your organization Build on the concepts of threat modeling, incidence response, and security analysis Practical use cases and best practices for information security Who This Book Is For This book is for security analysts and professionals who deal with security mechanisms in an organization. If you are looking for an end to end guide on information security and risk analysis with no prior knowledge of this domain, then this book is for you. What You Will Learn Develop your own information security framework Build your incident response mechanism Discover cloud security considerations Get to know the system development life cycle Get your security operation center up and running Know the various security testing types Balance security as per your business needs Implement information security best practices In Detail Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book starts with the concept of information security and shows you why it's important. It then moves on to modules such as threat modeling, risk management, and mitigation. It also covers the concepts of incident response systems, information rights management, and more. Moving on, it guides you to build your own information security framework as the best fit for your organization. Toward the end, you'll discover some best practices that can be implemented to make your security framework strong. By the end of this book, you will be well-versed with all the factors involved in information security, which will help you build a security framework that is a perfect fit your organization's requirements. 
Style and approach This book takes a practical approach, walking you through information security fundamentals, along with information security best practices. | ||
588 | 0 | |a Online resource; title from PDF title page (viewed May 22, 2020). | |
505 | 0 | |a Cover -- Copyright -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Information and Data Security Fundamentals -- Information security challenges -- Evolution of cybercrime -- The modern role of information security -- IT security engineering -- Information assurance -- The CIA triad -- Organizational information security assessment -- Risk management -- Information security standards -- Policies -- Training -- Key components of an effective training and awareness program -- Summary -- Chapter 2: Defining the Threat Landscape -- What is important to your organization and who wants it? -- Compliance -- Hackers and hacking -- Black hat hacker -- White hat or ethical hacker -- Blue hat hacker -- Grey hat hacker -- Penetration testing -- Hacktivist -- Script kiddie -- Nation state -- Cybercrime -- Methods used by the attacker -- Exploits -- Hacker techniques -- Methods of conducting training and awareness -- Closing information system vulnerabilities -- Vulnerability management -- The case for vulnerability management -- Summary -- Chapter 3: Preparing for Information and Data Security -- Establishing an information security program -- Don't start from scratch, use a framework -- Security program success factors -- Executive or board support -- Supporting the organization's mission -- Rightsizing information security for the organization -- Security awareness and training program -- Information security built into SDLC -- Information security program maturity -- Information security policies -- Information security program policy -- Operational policy -- System-specific policy -- Standards -- Procedures -- Guidelines -- Recommended operational policies -- Planning policy -- Access control policy -- Awareness and training policy. | |
505 | 8 | |a Auditing and accountability policy -- Configuration management policy -- Contingency planning policy -- Identification and authentication policy -- Incident response policy -- Maintenance policy -- Media protection policy -- Personnel security policy -- Physical and environmental protection policy -- Risk assessment policy -- Security assessment policy -- System and communications protection policy -- System and information integrity policy -- Systems and services acquisitions policy -- Summary -- Chapter 4: Information Security Risk Management -- What is risk? -- Who owns organizational risk? -- Risk ownership -- What is risk management? -- Where is your valuable data? -- What does my organization have that is worth protecting? -- Intellectual property trade secrets -- Personally Identifiable Information -- PII -- Personal Health Information -- PHI -- General questions -- Performing a quick risk assessment -- Risk management is an organization-wide activity -- Business operations -- IT operations -- Personnel -- External organization -- Risk management life cycle -- Information categorization -- Data classification looks to understand -- Data classification steps -- Determining information assets -- Finding information in the environment -- Disaster recovery considerations -- Backup storage considerations -- Types of storage options -- Questions you should ask your business users regarding their information's location -- Questions you should ask your IT organization regarding the information's location -- Organizing information into categories -- Examples of information type categories -- Publicly available information -- Credit card information -- Trade secrets -- Valuing the information and establishing impact -- Valuing information -- Establishing impact -- Security control selection -- Information security frameworks. | |
505 | 8 | |a Security control implementation -- Assessing implemented security controls -- Authorizing information systems to operate -- Monitoring information system security controls -- Calculating risk -- Qualitative risk analysis -- Identifying your organizations threats -- Identifying your organizations vulnerabilities -- Pairing threats with vulnerabilities -- Estimating likelihood -- Estimating impact -- Conducting the risk assessment -- Management choices when it comes to risk -- Quantitative analysis -- Qualitative risk assessment example -- Summary -- Chapter 5: Developing Your Information and Data Security Plan -- Determine your information security program objectives -- Example information security program activities -- Elements for a successful information security program -- Analysis to rightsizing your information security program -- Compliance requirements -- Is your organization centralized or decentralized? -- Centralized -- Decentralized -- What is your organization's business risk appetite? -- How mature is your organization? -- Helping to guarantee success -- Business alignment -- Information security is a business project not an IT project -- Organizational change management -- Key information security program plan elements -- Develop your information security program strategy -- Establish key initiatives -- Define roles and responsibilities -- Defining enforcement authority -- Pulling it all together -- Summary -- Chapter 6: Continuous Testing and Monitoring -- Types of technical testing -- SDLC considerations for testing -- Project initiation -- Requirements analysis -- System design -- System implementation -- System testing -- Operations and maintenance -- Disposition -- SDLC summary -- Continuous monitoring -- Information security assessment automation -- Effective reporting of information security status. | |
505 | 8 | |a Alerting of information security weakness -- Vulnerability assessment -- Business relationship with vulnerability assessment -- Vulnerability scanning -- Vulnerability scanning process -- Vulnerability resolution -- Penetration testing -- Phases of a penetration test -- Difference between vulnerability assessment and penetration testing -- Examples of successful attacks in the news -- Point of sale system attacks -- Cloud-based misconfigurations -- Summary -- Chapter 7: Business Continuity/Disaster Recovery Planning -- Scope of BCDR plan -- Business continuity planning -- Disaster recovery planning -- Focus areas for BCDR planning -- Management -- Operational -- Technical -- Designing the BCDR plan -- Requirements and context gathering -- business impact assessment -- Inputs to the BIA -- Outputs from the BIA -- Sample BIA form -- Define technical disasters recovery mechanisms -- Identify and document required resources -- Conduct a gap analysis -- Develop disaster recovery mechanisms -- Develop your plan -- Develop recovery teams -- Establish relocation plans -- Develop detailed recovery procedures -- Test the BCDR plan -- Summary -- Chapter 8: Incident Response Planning -- Do I need an incident response plan? -- Components of an incident response plan -- Preparing the incident response plan -- Understanding what is important -- Prioritizing the incident response plan -- Determining what normal looks Like -- Observe, orient, decide, and act -- OODA -- Incident response procedure development -- Identification -- detection and analysis -- Identification -- incident response tools -- Observational (OODA) technical tools -- Orientation (OODA) tools -- Decision (OODA) tools -- Remediation -- containment/recovery/mitigation -- Remediation -- incident response tools -- Act (Response) (OODA) tools -- Post incident activity -- Lessons-learned sessions. | |
505 | 8 | |a Incident response plan testing -- Summary -- Chapter 9: Developing a Security Operations Center -- Responsibilities of the SOC -- Management of security operations center tools -- Security operation center toolset design -- Using already implemented toolsets -- Security operations center roles -- Log or information aggregation -- Log or information analysis -- Processes and procedures -- Identification -- detection and analysis -- Events versus alerts versus incidents -- False positive versus false negative/true positive versus true negative -- Remediation -- containment/eradication/recovery -- Security operations center tools -- Security operations center advantages -- MSSP advantages -- Summary -- Chapter 10: Developing an Information Security Architecture Program -- Information security architecture and SDLC/SELC -- Conducting an initial information security analysis -- Purpose and description of the information system -- Determining compliance requirements -- Compliance standards -- Documenting key information system and project roles -- Project roles -- Information system roles -- Defining the expected user types -- Documenting interface requirements -- Documenting external information systems access -- Conducting a business impact assessment -- Inputs to the BIA -- Conducting an information categorization -- Developing a security architecture advisement program -- Partnering with your business stakeholders -- Information security architecture process -- Example information security architecture process -- Summary -- Chapter 11: Cloud Security Consideration -- Cloud computing characteristics -- Cloud computing service models -- Infrastructure as a Service -- IaaS -- Platform as a Service -- PaaS -- Software as a Service -- SaaS -- Cloud computing deployment models -- Public cloud -- Private cloud -- Community cloud -- Hybrid cloud. | |
650 | 0 | |a Computer networks |x Security measures. |0 http://id.loc.gov/authorities/subjects/sh94001277 | |
650 | 0 | |a Information technology |x Security measures. | |
650 | 0 | |a Information technology |x Management. |0 http://id.loc.gov/authorities/subjects/sh2008006980 | |
650 | 0 | |a Industries |x Security measures. |0 http://id.loc.gov/authorities/subjects/sh85065971 | |
650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
650 | 6 | |a Technologie de l'information |x Sécurité |x Mesures. | |
650 | 6 | |a Technologie de l'information |x Gestion. | |
650 | 6 | |a Industrie |x Sécurité |x Mesures. | |
650 | 7 | |a COMPUTERS |x Security |x Networking. |2 bisacsh | |
650 | 7 | |a Computer networks |x Security measures |2 fast | |
650 | 7 | |a Industries |x Security measures |2 fast | |
650 | 7 | |a Information technology |x Management |2 fast | |
650 | 7 | |a Information technology |x Security measures |2 fast | |
856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1655557 |3 Volltext |
938 | |a Askews and Holts Library Services |b ASKH |n AH33814620 | ||
938 | |a EBSCOhost |b EBSC |n 1655557 | ||
994 | |a 92 |b GEBAY | ||
912 | |a ZDB-4-EBA | ||
049 | |a DE-863 |
-- Intellectual property trade secrets -- Personally Identifiable Information -- PII -- Personal Health Information -- PHI -- General questions -- Performing a quick risk assessment -- Risk management is an organization-wide activity -- Business operations -- IT operations -- Personnel -- External organization -- Risk management life cycle -- Information categorization -- Data classification looks to understand -- Data classification steps -- Determining information assets -- Finding information in the environment -- Disaster recovery considerations -- Backup storage considerations -- Types of storage options -- Questions you should ask your business users regarding their information's location -- Questions you should ask your IT organization regarding the information's location -- Organizing information into categories -- Examples of information type categories -- Publicly available information -- Credit card information -- Trade secrets -- Valuing the information and establishing impact -- Valuing information -- Establishing impact -- Security control selection -- Information security frameworks.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Security control implementation -- Assessing implemented security controls -- Authorizing information systems to operate -- Monitoring information system security controls -- Calculating risk -- Qualitative risk analysis -- Identifying your organizations threats -- Identifying your organizations vulnerabilities -- Pairing threats with vulnerabilities -- Estimating likelihood -- Estimating impact -- Conducting the risk assessment -- Management choices when it comes to risk -- Quantitative analysis -- Qualitative risk assessment example -- Summary -- Chapter 5: Developing Your Information and Data Security Plan -- Determine your information security program objectives -- Example information security program activities -- Elements for a successful information security program -- Analysis to 
rightsizing your information security program -- Compliance requirements -- Is your organization centralized or decentralized? -- Centralized -- Decentralized -- What is your organization's business risk appetite? -- How mature is your organization? -- Helping to guarantee success -- Business alignment -- Information security is a business project not an IT project -- Organizational change management -- Key information security program plan elements -- Develop your information security program strategy -- Establish key initiatives -- Define roles and responsibilities -- Defining enforcement authority -- Pulling it all together -- Summary -- Chapter 6: Continuous Testing and Monitoring -- Types of technical testing -- SDLC considerations for testing -- Project initiation -- Requirements analysis -- System design -- System implementation -- System testing -- Operations and maintenance -- Disposition -- SDLC summary -- Continuous monitoring -- Information security assessment automation -- Effective reporting of information security status.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Alerting of information security weakness -- Vulnerability assessment -- Business relationship with vulnerability assessment -- Vulnerability scanning -- Vulnerability scanning process -- Vulnerability resolution -- Penetration testing -- Phases of a penetration test -- Difference between vulnerability assessment and penetration testing -- Examples of successful attacks in the news -- Point of sale system attacks -- Cloud-based misconfigurations -- Summary -- Chapter 7: Business Continuity/Disaster Recovery Planning -- Scope of BCDR plan -- Business continuity planning -- Disaster recovery planning -- Focus areas for BCDR planning -- Management -- Operational -- Technical -- Designing the BCDR plan -- Requirements and context gathering -- business impact assessment -- Inputs to the BIA -- Outputs from the BIA -- Sample BIA form -- Define technical 
disasters recovery mechanisms -- Identify and document required resources -- Conduct a gap analysis -- Develop disaster recovery mechanisms -- Develop your plan -- Develop recovery teams -- Establish relocation plans -- Develop detailed recovery procedures -- Test the BCDR plan -- Summary -- Chapter 8: Incident Response Planning -- Do I need an incident response plan? -- Components of an incident response plan -- Preparing the incident response plan -- Understanding what is important -- Prioritizing the incident response plan -- Determining what normal looks Like -- Observe, orient, decide, and act -- OODA -- Incident response procedure development -- Identification -- detection and analysis -- Identification -- incident response tools -- Observational (OODA) technical tools -- Orientation (OODA) tools -- Decision (OODA) tools -- Remediation -- containment/recovery/mitigation -- Remediation -- incident response tools -- Act (Response) (OODA) tools -- Post incident activity -- Lessons-learned sessions.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Incident response plan testing -- Summary -- Chapter 9: Developing a Security Operations Center -- Responsibilities of the SOC -- Management of security operations center tools -- Security operation center toolset design -- Using already implemented toolsets -- Security operations center roles -- Log or information aggregation -- Log or information analysis -- Processes and procedures -- Identification -- detection and analysis -- Events versus alerts versus incidents -- False positive versus false negative/true positive versus true negative -- Remediation -- containment/eradication/recovery -- Security operations center tools -- Security operations center advantages -- MSSP advantages -- Summary -- Chapter 10: Developing an Information Security Architecture Program -- Information security architecture and SDLC/SELC -- Conducting an initial information security analysis -- Purpose and 
description of the information system -- Determining compliance requirements -- Compliance standards -- Documenting key information system and project roles -- Project roles -- Information system roles -- Defining the expected user types -- Documenting interface requirements -- Documenting external information systems access -- Conducting a business impact assessment -- Inputs to the BIA -- Conducting an information categorization -- Developing a security architecture advisement program -- Partnering with your business stakeholders -- Information security architecture process -- Example information security architecture process -- Summary -- Chapter 11: Cloud Security Consideration -- Cloud computing characteristics -- Cloud computing service models -- Infrastructure as a Service -- IaaS -- Platform as a Service -- PaaS -- Software as a Service -- SaaS -- Cloud computing deployment models -- Public cloud -- Private cloud -- Community cloud -- Hybrid cloud.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh94001277</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Information technology</subfield><subfield code="x">Security measures.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Information technology</subfield><subfield code="x">Management.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2008006980</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Industries</subfield><subfield code="x">Security measures.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85065971</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Réseaux d'ordinateurs</subfield><subfield code="x">Sécurité</subfield><subfield 
code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Technologie de l'information</subfield><subfield code="x">Sécurité</subfield><subfield code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Technologie de l'information</subfield><subfield code="x">Gestion.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Industrie</subfield><subfield code="x">Sécurité</subfield><subfield code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Security</subfield><subfield code="x">Networking.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Industries</subfield><subfield code="x">Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Information technology</subfield><subfield code="x">Management</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Information technology</subfield><subfield code="x">Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1655557</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Askews and Holts Library Services</subfield><subfield code="b">ASKH</subfield><subfield code="n">AH33814620</subfield></datafield><datafield tag="938" ind1=" " ind2=" 
"><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">1655557</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
id | ZDB-4-EBA-on1019827284 |
illustrated | Illustrated |
indexdate | 2024-11-27T13:28:10Z |
institution | BVB |
isbn | 9781788473262 1788473264 |
language | English |
oclc_num | 1019827284 |
open_access_boolean | |
owner | MAIN DE-863 DE-BY-FWS |
owner_facet | MAIN DE-863 DE-BY-FWS |
physical | 1 online resource : illustrations |
psigel | ZDB-4-EBA |
publishDate | 2017 |
publishDateSearch | 2017 |
publishDateSort | 2017 |
publisher | Packt Publishing, |
record_format | marc |
spellingShingle | Death, Darren Information security handbook : develop a threat model and incident response strategy to build a strong information security framework / Cover -- Copyright -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Information and Data Security Fundamentals -- Information security challenges -- Evolution of cybercrime -- The modern role of information security -- IT security engineering -- Information assurance -- The CIA triad -- Organizational information security assessment -- Risk management -- Information security standards -- Policies -- Training -- Key components of an effective training and awareness program -- Summary -- Chapter 2: Defining the Threat Landscape -- What is important to your organization and who wants it? -- Compliance -- Hackers and hacking -- Black hat hacker -- White hat or ethical hacker -- Blue hat hacker -- Grey hat hacker -- Penetration testing -- Hacktivist -- Script kiddie -- Nation state -- Cybercrime -- Methods used by the attacker -- Exploits -- Hacker techniques -- Methods of conducting training and awareness -- Closing information system vulnerabilities -- Vulnerability management -- The case for vulnerability management -- Summary -- Chapter 3: Preparing for Information and Data Security -- Establishing an information security program -- Don't start from scratch, use a framework -- Security program success factors -- Executive or board support -- Supporting the organization's mission -- Rightsizing information security for the organization -- Security awareness and training program -- Information security built into SDLC -- Information security program maturity -- Information security policies -- Information security program policy -- Operational policy -- System-specific policy -- Standards -- Procedures -- Guidelines -- Recommended operational policies -- Planning policy -- Access control policy -- Awareness and 
training policy. Auditing and accountability policy -- Configuration management policy -- Contingency planning policy -- Identification and authentication policy -- Incident response policy -- Maintenance policy -- Media protection policy -- Personnel security policy -- Physical and environmental protection policy -- Risk assessment policy -- Security assessment policy -- System and communications protection policy -- System and information integrity policy -- Systems and services acquisitions policy -- Summary -- Chapter 4: Information Security Risk Management -- What is risk? -- Who owns organizational risk? -- Risk ownership -- What is risk management? -- Where is your valuable data? -- What does my organization have that is worth protecting? -- Intellectual property trade secrets -- Personally Identifiable Information -- PII -- Personal Health Information -- PHI -- General questions -- Performing a quick risk assessment -- Risk management is an organization-wide activity -- Business operations -- IT operations -- Personnel -- External organization -- Risk management life cycle -- Information categorization -- Data classification looks to understand -- Data classification steps -- Determining information assets -- Finding information in the environment -- Disaster recovery considerations -- Backup storage considerations -- Types of storage options -- Questions you should ask your business users regarding their information's location -- Questions you should ask your IT organization regarding the information's location -- Organizing information into categories -- Examples of information type categories -- Publicly available information -- Credit card information -- Trade secrets -- Valuing the information and establishing impact -- Valuing information -- Establishing impact -- Security control selection -- Information security frameworks. 
Security control implementation -- Assessing implemented security controls -- Authorizing information systems to operate -- Monitoring information system security controls -- Calculating risk -- Qualitative risk analysis -- Identifying your organizations threats -- Identifying your organizations vulnerabilities -- Pairing threats with vulnerabilities -- Estimating likelihood -- Estimating impact -- Conducting the risk assessment -- Management choices when it comes to risk -- Quantitative analysis -- Qualitative risk assessment example -- Summary -- Chapter 5: Developing Your Information and Data Security Plan -- Determine your information security program objectives -- Example information security program activities -- Elements for a successful information security program -- Analysis to rightsizing your information security program -- Compliance requirements -- Is your organization centralized or decentralized? -- Centralized -- Decentralized -- What is your organization's business risk appetite? -- How mature is your organization? -- Helping to guarantee success -- Business alignment -- Information security is a business project not an IT project -- Organizational change management -- Key information security program plan elements -- Develop your information security program strategy -- Establish key initiatives -- Define roles and responsibilities -- Defining enforcement authority -- Pulling it all together -- Summary -- Chapter 6: Continuous Testing and Monitoring -- Types of technical testing -- SDLC considerations for testing -- Project initiation -- Requirements analysis -- System design -- System implementation -- System testing -- Operations and maintenance -- Disposition -- SDLC summary -- Continuous monitoring -- Information security assessment automation -- Effective reporting of information security status. 
Alerting of information security weakness -- Vulnerability assessment -- Business relationship with vulnerability assessment -- Vulnerability scanning -- Vulnerability scanning process -- Vulnerability resolution -- Penetration testing -- Phases of a penetration test -- Difference between vulnerability assessment and penetration testing -- Examples of successful attacks in the news -- Point of sale system attacks -- Cloud-based misconfigurations -- Summary -- Chapter 7: Business Continuity/Disaster Recovery Planning -- Scope of BCDR plan -- Business continuity planning -- Disaster recovery planning -- Focus areas for BCDR planning -- Management -- Operational -- Technical -- Designing the BCDR plan -- Requirements and context gathering -- business impact assessment -- Inputs to the BIA -- Outputs from the BIA -- Sample BIA form -- Define technical disasters recovery mechanisms -- Identify and document required resources -- Conduct a gap analysis -- Develop disaster recovery mechanisms -- Develop your plan -- Develop recovery teams -- Establish relocation plans -- Develop detailed recovery procedures -- Test the BCDR plan -- Summary -- Chapter 8: Incident Response Planning -- Do I need an incident response plan? -- Components of an incident response plan -- Preparing the incident response plan -- Understanding what is important -- Prioritizing the incident response plan -- Determining what normal looks Like -- Observe, orient, decide, and act -- OODA -- Incident response procedure development -- Identification -- detection and analysis -- Identification -- incident response tools -- Observational (OODA) technical tools -- Orientation (OODA) tools -- Decision (OODA) tools -- Remediation -- containment/recovery/mitigation -- Remediation -- incident response tools -- Act (Response) (OODA) tools -- Post incident activity -- Lessons-learned sessions. 
Incident response plan testing -- Summary -- Chapter 9: Developing a Security Operations Center -- Responsibilities of the SOC -- Management of security operations center tools -- Security operation center toolset design -- Using already implemented toolsets -- Security operations center roles -- Log or information aggregation -- Log or information analysis -- Processes and procedures -- Identification -- detection and analysis -- Events versus alerts versus incidents -- False positive versus false negative/true positive versus true negative -- Remediation -- containment/eradication/recovery -- Security operations center tools -- Security operations center advantages -- MSSP advantages -- Summary -- Chapter 10: Developing an Information Security Architecture Program -- Information security architecture and SDLC/SELC -- Conducting an initial information security analysis -- Purpose and description of the information system -- Determining compliance requirements -- Compliance standards -- Documenting key information system and project roles -- Project roles -- Information system roles -- Defining the expected user types -- Documenting interface requirements -- Documenting external information systems access -- Conducting a business impact assessment -- Inputs to the BIA -- Conducting an information categorization -- Developing a security architecture advisement program -- Partnering with your business stakeholders -- Information security architecture process -- Example information security architecture process -- Summary -- Chapter 11: Cloud Security Consideration -- Cloud computing characteristics -- Cloud computing service models -- Infrastructure as a Service -- IaaS -- Platform as a Service -- PaaS -- Software as a Service -- SaaS -- Cloud computing deployment models -- Public cloud -- Private cloud -- Community cloud -- Hybrid cloud. Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Information technology Security measures. 
Information technology Management. http://id.loc.gov/authorities/subjects/sh2008006980 Industries Security measures. http://id.loc.gov/authorities/subjects/sh85065971 Réseaux d'ordinateurs Sécurité Mesures. Technologie de l'information Sécurité Mesures. Technologie de l'information Gestion. Industrie Sécurité Mesures. COMPUTERS Security Networking. bisacsh Computer networks Security measures fast Industries Security measures fast Information technology Management fast Information technology Security measures fast |
subject_GND | http://id.loc.gov/authorities/subjects/sh94001277 http://id.loc.gov/authorities/subjects/sh2008006980 http://id.loc.gov/authorities/subjects/sh85065971 |
title | Information security handbook : develop a threat model and incident response strategy to build a strong information security framework / |
title_full | Information security handbook : develop a threat model and incident response strategy to build a strong information security framework / Darren Death. |
title_short | Information security handbook : |
title_sub | develop a threat model and incident response strategy to build a strong information security framework / |
topic | Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Information technology Security measures. Information technology Management. http://id.loc.gov/authorities/subjects/sh2008006980 Industries Security measures. http://id.loc.gov/authorities/subjects/sh85065971 Réseaux d'ordinateurs Sécurité Mesures. Technologie de l'information Sécurité Mesures. Technologie de l'information Gestion. Industrie Sécurité Mesures. COMPUTERS Security Networking. bisacsh Computer networks Security measures fast Industries Security measures fast Information technology Management fast Information technology Security measures fast |
topic_facet | Computer networks Security measures. Information technology Security measures. Information technology Management. Industries Security measures. Réseaux d'ordinateurs Sécurité Mesures. Technologie de l'information Sécurité Mesures. Technologie de l'information Gestion. Industrie Sécurité Mesures. COMPUTERS Security Networking. Computer networks Security measures Industries Security measures Information technology Management Information technology Security measures |
url | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1655557 |