Information security : a practical guide : bridging the gap between it and management / Tom Mooney.

Format:

Book

Author/Creator:

Mooney, Tom, author.

Language:

English

Subjects (All):

Computer security--Management.

Computer security.

Information technology--Management.

Information technology.

Physical Description:

1 online resource (134 p.)

Edition:

1st ed.

Place of Publication:

Cambridgeshire, England : IT Governance Publishing, 2015.

Language Note:

English

Summary:

<span>Provides an overview of basic information security practices that will enable your security team to better engage with their peers to address the threats facing the organisation as a whole.</span>

Contents:

Cover; Title; Copyright; Contents; Chapter 1: Day One as a Security Professional; Chapter Overview; Objectives; Your First Day; Confidentiality, Integrity and Availability (CIA); Getting to Know the Business; Key IT Personnel; What is the Security Culture?; Identifying the Gaps in Security; Chapter 2: Business Impact of Breaches; Chapter Overview; Objectives; How to Assess the Impact; Data Types; Impacts; Reputational Damage; Personal Impact; Contractual Impact; Financial Impact; Legal Impacts; Chapter 3: Business Risk Appetite; Chapter Overview; Objectives; Risk Appetite; Risk Treatments

Chapter 4: ThreatsChapter Overview; Objectives; Types of Threats; Hackers; Malware Writers; Script Kiddies; Journalists; Criminals; Physical Intruder; Researchers; Hacktivists; Disgruntled Employees; Chapter 5: Quick and Dirty Risk Assessment; Chapter Overview; Objectives; Identifying Risks; Defining the Risk Level; Risk Table; Realigning the Risk Level; Chapter 6: Getting Buy-in From Your Peers; Chapter Overview; Objectives; Points of Contact with your Peers; How to Engage with your Peers; Chapter 7: Documenting the System For Everyone; Chapter Overview; Objectives; Setting the Scene

EntitiesService Overview; Adding Boundaries; Showing Information Flow; Adding the Threats; Chapter 8: Mapping Data in the System; Chapter Overview; Objectives; Mapping Data; Chapter 9: Penetration Testing; Chapter Overview; Objectives; Types of Penetration Test; Scoping the test; Trusting the Testers; Implementing Fixes; Chapter 10: Information Security Policy; Chapter Overview; Objectives; The Advantages of Security Policies; Giving Your Policies Teeth; Key Security Policies; Ways of Ensuring Your Policy is Read; ITG Resources

Notes:

Description based upon print version of record.

Description based on online resource; title from PDF title page (ebrary, viewed July 25, 2015).

ISBN:

9781849287425

1849287422

OCLC:

914151232