Sale!

A Practical Guide to Managing Information Security 1st Edition by Steve Purser ISBN 9781580537032 1580537030

Name: A Practical Guide to Managing Information Security 1st Edition by Steve Purser ISBN 9781580537032 1580537030
SKU: EB-15662
Availability: InStock

Original price was: $50.00.Current price is: $35.00.

Authors:Steve Purser , Series:IT & Computer [243] , Tags:Business & Economics; Leadership; Information Management; Computers; Security; General , Author sort:Purser, Steve , Ids:Google; 9781580537025 , Languages:Languages:eng , Published:Published:Jan 2004 , Publisher:Artech House , Comments:Comments:This groundbreaking book helps you master the management of information security, concentrating on the proactive recognition and resolution of the practical issues of developing and implementing IT security for the enterprise. Drawing upon the authors’ wealth of valuable experience in high-risk commercial environments, the work focuses on the need to align the information security process as a whole with the requirements of the modern enterprise, which involves empowering business managers to manage information security-related risk. Throughout, the book places emphasis on the use of simple, pragmatic risk management as a tool for decision-making. The first book to cover the strategic issues of IT security, it helps you to: understand the difference between more theoretical treatments of information security and operational reality; learn how information security risk can be measured and subsequently managed; define and execute an information security strategy design and implement a security architecture; and ensure that limited resources are used optimally.

SKU: EB-15662 Category: eBook PDF Tags: Managing Information Security, Steve Purser

Description

A Practical Guide to Managing Information Security 1st Edition by Steve Purser – Ebook PDF Instant Download/Delivery. 9781580537032 ,1580537030
Full download A Practical Guide to Managing Information Security 1st Edition after payment

Product details:
ISBN 10: 1580537030
ISBN 13: 9781580537032
Author: Steve Purser

This groundbreaking book helps you master the management of information security, concentrating on the recognition and resolution of the practical issues of developing and implementing IT security for the enterprise. Drawing upon the authors’ wealth of valuable experience in high-risk commercial environments, the work focuses on the need to align the information security process as a whole with the requirements of the modern enterprise, which involves empowering business managers to manage information security-related risk. Throughout, the book places emphasis on the use of simple, pragmatic risk management as a tool for decision-making. The first book to cover the strategic issues of IT security, it helps you to: understand the difference between more theoretical treatments of information security and operational reality; learn how information security risk can be measured and subsequently managed; define and execute an information security strategy design and implement a security architecture; and ensure that limited resources are used optimally. Illustrated by practical examples, this topical volume reveals the current problem areas in IT security deployment and management. Moreover, it offers guidelines for writing scalable and flexible procedures for developing an IT security strategy and monitoring its implementation. You discover an approach for reducing complexity and risk, and find tips for building a successful team and managing communications issues within the organization. This essential resource provides practical insight into contradictions in the current approach to securing enterprise-wide IT infrastructures, recognizes the need to continually challenge dated concepts, demonstrates the necessity of using appropriate risk management techniques, and evaluates whether or not a given risk is acceptable in pursuit of future business opportunities.

A Practical Guide to Managing Information Security 1st Edition Table of contents:

Chapter 1: Introduction to Information Security

Defining Information Security
The Role of Information Security in Modern Organizations
The Importance of a Security Management Framework
Key Concepts: Confidentiality, Integrity, and Availability (CIA Triad)

Chapter 2: Building an Information Security Management System (ISMS)

What is an ISMS?
ISO/IEC 27001: An Overview
Steps in Building an ISMS
Policy Development and Risk Assessment
Lab: Developing Basic Security Policies

Chapter 3: Risk Management in Information Security

The Role of Risk Management
Identifying and Assessing Risks
Mitigating Security Risks
Risk Management Frameworks (NIST, ISO 31000)
Lab: Performing a Risk Assessment

Chapter 4: Governance and Compliance

Information Security Governance: Roles and Responsibilities
Legal, Regulatory, and Industry Compliance Requirements (GDPR, HIPAA, etc.)
Managing Audits and Reporting
Internal vs External Audits
Lab: Setting Up Compliance Tracking Systems

Chapter 5: Security Controls and Countermeasures

Types of Security Controls: Preventive, Detective, and Corrective
Implementing Technical, Administrative, and Physical Controls
Best Practices for Access Control and Authentication
Lab: Configuring Security Controls

Chapter 6: Security Operations and Incident Management

The Role of Security Operations
Developing an Incident Response Plan
Handling Security Incidents and Breaches
Incident Detection, Analysis, and Response
Lab: Simulating a Security Incident Response

Chapter 7: Security Awareness and Training

Building a Security Awareness Program
Human Factors and the Importance of Employee Training
Conducting Phishing and Social Engineering Awareness Campaigns
Lab: Running a Security Awareness Workshop

Chapter 8: Managing Network and Infrastructure Security

Protecting Network Perimeter and Internal Networks
Implementing Firewalls, IDS/IPS, and VPNs
Network Segmentation and Access Control
Lab: Securing a Network Infrastructure

Chapter 9: Protecting Data and Privacy

Data Classification and Handling
Encryption: Techniques and Tools
Privacy Considerations and Data Protection Regulations
Lab: Implementing Data Protection Measures

Chapter 10: Business Continuity and Disaster Recovery

Defining Business Continuity and Disaster Recovery
Developing and Testing a Business Continuity Plan (BCP)
Disaster Recovery Planning and Backup Strategies
Lab: Creating a Business Continuity Plan

Chapter 11: Emerging Trends and Future Challenges in Information Security

The Impact of Cloud Computing on Security
Artificial Intelligence and Machine Learning in Security
Cybersecurity in the Era of IoT and 5G
Evolving Threats and Attacks (Ransomware, Advanced Persistent Threats)
Lab: Addressing New and Emerging Security Threats

Chapter 12: Practical Considerations for Information Security Managers

Managing a Security Team and Resources
Budgeting for Security Initiatives
Metrics for Measuring Security Performance
Engaging with Senior Management and Stakeholders

People also search for A Practical Guide to Managing Information Security 1st Edition:

information security guide

information security practices

10 best practices in information management

a practical guide to risk management