Information Security Handbook : Enhance Your Proficiency in Information Security Program Development / Darren Death.

Available online: EBSCOhost Academic eBook Collection (North America)
Available online: O'Reilly Online Learning: Academic/Public Library Edition
Format:
Book
Author/Creator:
Death, Darren, author.
Language:
English
Subjects (All):
Computer networks--Security measures.
Computer networks.
Information technology--Security measures.
Information technology.
Information technology--Management.
Industries--Security measures.
Industries.
Physical Description:
1 online resource (370 pages)
Edition:
Second edition.
Place of Publication:
Birmingham, England : Packt Publishing Ltd., [2023]
Summary:
Information Security Handbook is a practical guide that’ll empower you to take effective actions in securing your organization’s assets. Whether you are an experienced security professional seeking to refine your skills or someone new to the field looking to build a strong foundation, this book is designed to meet you where you are and guide you toward improving your understanding of information security. Each chapter addresses the key concepts, practical techniques, and best practices to establish a robust and effective information security program. You’ll be offered a holistic perspective on securing information, including risk management, incident response, cloud security, and supply chain considerations. This book has distilled years of experience and expertise of the author, Darren Death, into clear insights that can be applied directly to your organization’s security efforts. Whether you work in a large enterprise, a government agency, or a small business, the principles and strategies presented in this book are adaptable and scalable to suit your specific needs. By the end of this book, you’ll have all the tools and guidance needed to fortify your organization’s defenses and expand your capabilities as an information security practitioner.
Contents:
Cover
Title Page
Copyright and Credits
Dedicated
Contributors
Table of Contents
Preface
Chapter 1: Information and Data Security Fundamentals
Introduction
Information security challenges
Evolution of cybercrime
The modern role of information security
Information technology security engineering
Information assurance
The CIA triad
Organizational information security assessment
Risk management
Information security standards
Information security policies
Information security training
Summary
Chapter 2: Defining the Threat Landscape
Understanding the organizational context
Threats
Phishing attacks
Ransomware
Malware
Distributed denial-of-service attacks
Insider threats
Advanced Persistent Threats
Social engineering attacks
Supply chain attacks
Hackers and hacking
White hat/ethical hacker
Black hat hacker
Gray hat hacker
Blue hat hacker
Script kiddie
Hacktivist
Nation-state attacker
Penetration testing
Cybercrime
Exploits
Hacker techniques
Closing information system vulnerabilities
Vulnerability management
Chapter 3: Laying a Foundation for Information and Data Security
Developing a comprehensive information security program
Leveraging existing frameworks instead of building from scratch
Essential factors for information security program success
Aligning information security with the organization's mission
Optimizing information security measures for your organization
Enhancing security through comprehensive awareness and training programs
Building information security into the SDLC/SELC process
Understanding and enhancing your information security program maturity
Information security program policy
Enterprise information security policies
Information security system-specific policy
Planning policy
Access controls policy
Awareness and training policy
Auditing and accountability policy
Configuration management policy
Contingency planning policy
Identification and authentication policy
Incident response policy
Maintenance policy
Media protection policy
Personnel security policy
Physical and environmental protection policy
Risk assessment policy
Assessment, authorization, and monitoring policy
System and communications protection policy
System and information integrity policy
Systems and services acquisitions policy
Personally identifiable information policy
Supply chain risk management policy
Chapter 4: Information Security Risk Management
What is information security risk?
Understanding the ownership and management of information security risk
Identifying and protecting your organization's valuable data
Conducting a quick risk assessment
Risk management is an organizational-wide activity
The life cycle of risk management in information security
Information classification and its importance in information security
Steps in the data classification process
Determining information assets
Finding information in the environment
Organizing information into categories
Valuing information
Establishing impact
Security control selection
Security control implementation
Assessing implemented security controls
Authorizing information systems to operate
Monitoring information system security controls
Calculating risk - a comprehensive look at qualitative and quantitative risk assessments
Qualitative risk analysis - subjective evaluation of threats
Quantitative risk analysis - objective measurements and calculations
Identifying threats and choosing the right approach
Identifying your organization's vulnerabilities
Pairing threats with vulnerabilities
Estimating likelihood
Estimating impact
Conducting the risk assessment
Exploring management approaches to risk
Quantitative analysis
Chapter 5: Developing Your Information and Data Security Plan
Determining your information security program objectives
Foundational information security activities to consider
Successful information security program elements
Rightsizing your information security program
Compliance requirements
Is your organization centralized or decentralized?
Business risk appetite
Organizational maturity
Principles to guarantee the success of your information security program
Business alignment
Communication strategies
Information security program plan elements
Developing an information security program strategy
Establishing key initiatives
Defining roles and responsibilities
Establishing enforcement areas
Chapter 6: Continuous Testing and Monitoring
Types of technical testing
SDLC considerations for testing
Project initiation
Requirements analysis
System design
System implementation
System testing
Operations and maintenance
Disposition
SDLC summary
Continuous monitoring
Information security assessment automation
Effectively reporting information security metrics
Alerting to information security weaknesses
Vulnerability assessment
Vulnerability scanning process
Vulnerability resolution
Phases of a penetration test
Difference between vulnerability assessments and penetration testing
Chapter 7: Business Continuity/Disaster Recovery Planning
Introduction to BCDR
Integrating BC planning and DR planning
Scope of a BCDR plan
Focus areas for BCDR planning
Designing a BCDR plan
Requirements and context gathering - BIA
Inputs to the BIA
Outputs from the BIA
Sample BIA form
Defining technical DR mechanisms
Identifying and documenting required resources
Conducting a gap analysis
Developing DR mechanisms
Developing your plan
Testing the BCDR plan
Chapter 8: Incident Response Planning
What is an IRP?
Do I need an IRP?
Components of an IRP
Preparation of an IRP
Understanding what is important
Prioritization
Determining what normal network activity looks like
Observe, orient, decide, and act
Incident response procedure development
Identification - detection and analysis
Identification - incident response tools
Observational technical tools
Orientation tools
Decision tools
Remediation - containment/recovery/mitigation
Remediation - incident response tools
Act (response) tools
Post-incident activity
Remediation - root cause analysis
Lessons-learned sessions
IRP testing
Chapter 9: Developing a Security Operations Center
What is a SOC?
What are the responsibilities of the SOC?
Management of SOC tools
SOC toolset design
Using already implemented toolsets
SOC roles
Log/information aggregation
Log/information analysis
Processes and procedures
Remediation - containment/eradication/recovery
SOC tools
Benefits of a SOC - in-house and MSSP
Chapter 10: Developing an Information Security Architecture Program
What is information security architecture?
Information security architecture and SDLC/SELC
Initiation phase
Requirement analysis phase
Design phase
Implementation phase
Testing phase
Operations and maintenance phase
Disposition phase
Conducting an initial information security analysis
Purpose and description of the information system
Determining compliance requirements
Documenting key information system and project roles
Defining the expected user types
Documenting interface requirements
Documenting external information systems access
Conducting a business impact assessment (BIA)
Conducting information categorization
Developing a security architecture advisement program
Information security architecture process
Example information security architecture process
Architecture special considerations
Chapter 11: Cloud Security Considerations
Importance of cloud computing
Cloud computing characteristics
Cloud computing service models
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Cloud computing deployment models
Public cloud
Private cloud
Community cloud
Hybrid cloud
Cloud computing management models
Managed service providers
Cloud service providers
Special considerations for cloud computing
Cloud computing data security
Identification, authentication, and authorization in the cloud
Monitoring and logging considerations
Security automation considerations
Secure application development considerations
Chapter 12: Zero Trust Architecture in Information Security
Zero Trust and its principles
The history of Zero Trust
Importance of Zero Trust in cybersecurity
Shifting from traditional perimeter-based security
The pillars of Zero Trust
Identity pillar
Devices
Networks
Applications and Workloads
Data
Chapter 13: Third-Party and Supply Chain Security
Understanding C-SCRM and its importance
The challenges in managing supply chain cybersecurity risks
The risks associated with supply chains
Notes:
Includes index.
Description based on print version record.
ISBN:
9781837636075
1837636079
OCLC:
1407633336