Information assurance handbook : effective computer security and risk management strategies / Corey Schou, Steven Hernandez.

Format:

Book

Author/Creator:

Schou, Corey, author.

Hernandez, Steven, author.

Language:

English

Subjects (All):

Computer networks--Security measures--Handbooks, manuals, etc.

Computer networks.

Computer security--Handbooks, manuals, etc.

Computer security.

Data protection--Handbooks, manuals, etc.

Data protection.

Information storage and retrieval systems--Security measures--Handbooks, manuals, etc.

Information storage and retrieval systems.

Physical Description:

1 online resource (1 v.) : ill.

Edition:

1st edition

Other Title:

Effective computer security and risk management strategies

Place of Publication:

New York : McGraw-Hill Education, [2015]

Language Note:

English

System Details:

text file

Summary:

Best practices for protecting critical data and systems Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning in a non-technical manner. It leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike. Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide. Comprehensive coverage includes: Basic information assurance principles and concepts Information assurance management system Current practices, regulations, and plans Impact of organizational structure Asset management Risk management and mitigation Human resource assurance Advantages of certification, accreditation, and assurance Information assurance in system development and acquisition Physical and environmental security controls Information assurance awareness, training, and education Access control Information security monitoring tools and methods Information assurance measurements and metrics Incident handling and computer forensics Business continuity management Backup and restoration Cloud computing and outsourcing strategies Information assurance big data concerns

Contents:

Machine generated contents note: Part I Information Security Infrastructure

1: The Need for Information Security

2: Concepts in Informaiton Security

3: Assets, Threats, Vulnerabilities, Risks, and Controls

4: Security Professionals and Organizations

5: Information Security management System

6: Implementing Information Security Strategy into Current Practices, Regulations, and Plans

Part II Information Security Planning Process

7: Approaches to Implementing Information Security

8: Organizational Structure for Mananging Information Security

9: Asset Management

10: Information Security Risk Management

11: Information Security Policy

12: Human Resouce Security

13: Certification, Accreditation, and Assurance

Part III Information Security Prevention Process

14: Information Security in System Development

15: Physical and Environmental Security Controls

16: Information Security Awareness, Training, and Education

17: Preventive Tools and Techniques

18: Access Control

Part IV Information Security Detection Process

19: Information Security Monitoring Tools and Methods

20: Information Security Measurements and Metrics

Part V Information Security Recovery Process

21: Information Security Incident Handling

22: Computer Forensics

23: Business Continuity

24: Backup and Restoration

Appendices.

Notes:

Bibliographic Level Mode of Issuance: Monograph

Includes bibliographical references and index.

Description based on print version record.

OCLC:

894514710