Information Security Handbook

By: Darren Death

Overview of this book

Having an information security mechanism is one of the most crucial factors for any organization. An organization's important assets demand proper risk management and a threat model for security, and so information security concepts are gaining a lot of traction. This book starts with the concept of information security and shows you why it’s important. It then moves on to modules such as threat modeling, risk management, and mitigation. It also covers the concepts of incident response systems, information rights management, and more. Moving on, it guides you to build your own information security framework as the best fit for your organization. Toward the end, you’ll discover some best practices that can be implemented to make your security framework strong. By the end of this book, you will be well-versed with all the factors involved in information security, which will help you build a security framework that is a perfect fit for your organization’s requirements.

Preface

Information security has become a global challenge that is impacting organizations across every industry sector. C-Suite and board level executives are beginning to take their obligations seriously and as a result require competent business-focused advice and guidance from the organization's information security professionals. Being able to establish a fully developed, risk-based, and business-focused information security program to support your organization is critical to ensuring your organization's success moving into the future.

In this book, we will explore what it takes to establish an information security program that covers the following aspects:

  • Focusing on business alignment, engagement, and support
  • Utilizing risk-based methodologies
  • Establishing effective organizational communication
  • Implementing foundational information security hygiene practices
  • Implementing information security program best practices

What this book covers

Chapter 1, Information and Data Security Fundamentals, provides the reader with an overview of key concepts that will be examined throughout this book. The reader will understand the history, key concepts, and components of information and data security. Additionally, the reader will understand how these concepts should balance with business needs.

Chapter 2, Defining the Threat Landscape, explains how understanding the modern threat landscape helps you, as the information security professional, develop a highly effective information security program that can mount a secure defense against modern adversaries in support of your organization's business/mission goals and objectives. In this chapter, you will learn: how to determine what is important to your organization, potential threats to your organization, types of hackers/adversaries, methods used by the hacker/adversary, and methods of conducting training and awareness as it relates to threats.

Chapter 3, Preparing for Information and Data Security, helps you to learn the important activities required to establish an enterprise-wide information security program with a focus on executive buy-in, policies, procedures, standards, and guidelines. Additionally, you will learn: Planning concepts associated with information security program establishment; Information security program success factors; SDLC Integration of the information security program; Information security program maturity concepts; and best practices related to policies, procedures, standards, and guidelines.

Chapter 4, Information Security Risk Management, explains the fundamentals of information security risk management, which provides the main interface for prioritization and communication between the information security program and the business. Additionally, you will learn: Key information security risk management concepts; How to determine where valuable data is in your organization; Quick risk assessment techniques; How risk management affects different parts of the organization; How to perform information categorization; Security control selection, implementation, and testing; and Authorizing information systems for production operations.

Chapter 5, Developing Your Information and Data Security Plan, speaks about the concepts necessary to develop your information security program plan. Your program plan will be a foundational document that will establish how your information security program will function and interact with the rest of the business. Additionally, you will learn: How to develop the objectives for your information security program, elements of a successful information security program, information security program business / mission alignment, information security program plan elements, and establishing information security program enforcement.

Chapter 6, Continuous Testing and Monitoring, explains that it is important for the information security professional to understand that vulnerabilities in information systems are a fact of life that is not going away anytime soon. The key to protecting the modern information system is continued vigilance through continuous technical testing. In this chapter, you will learn: technical testing capabilities at your disposal, testing integration into the SDLC, continuous monitoring considerations, vulnerability assessment considerations, and penetration testing considerations.

Chapter 7, Business Continuity/Disaster Recovery Planning, encompasses two separate but related disciplines that work together. Business Continuity Planning serves to ensure that an organization can effectively understand what business processes and information are important to the continued operations and success of the organization. Disaster Recovery Planning serves to develop a technical solution that supports the business needs of the organization in the event of a system outage. In this chapter, you will learn: The scope and focus areas of the BCDR plan and designing, implementing, testing, and maintaining the BCDR plan.

Chapter 8, Incident Response Planning, speaks about the incident response plan and procedures that your information security program implements to ensure that you have adequate and repeatable processes in place to respond to an information security incident that occurs against your organizational network or information systems. In this chapter, you will learn: why you need an incident response plan, what components make up the incident response plan, tools and techniques related to incident response, the incident response process, and the OODA loop and how it can be applied to incident response.

Chapter 9, Developing a Security Operations Center, explains that the security operations center serves as your centralized view into your enterprise information systems. The security operations center's goal is to ensure that this view is real-time so that your organization can identify and respond to internal and external threats as quickly as possible. In this chapter, you will learn: what comprises the responsibilities of the security operations center; security operations center tool management and design; security operations center roles, processes, and procedures; and internal versus outsourced security operations center implementation considerations.

Chapter 10, Developing an Information Security Architecture Program, explains that Security Architecture establishes rigorous and comprehensive policies, procedures, and guidelines around the development and operationalization of an Information Security Architecture across the enterprise information technology deployed within an organization. Additionally, you will learn about: Incorporating security architecture into the system development life cycle process, conducting an initial information security analysis, and Developing a security architecture advisement program.

Chapter 11, Cloud Security Consideration, explains that cloud computing enables on-demand and ubiquitous access to a shared pool of configurable outsourced computing resources such as networks, servers, storage, and applications. In this chapter, you will learn: cloud computing characteristics; cloud computing service, deployment, and management models; and special information security considerations as they relate to cloud computing.

Chapter 12, Information and Data Security Best Practices, speaks about a selection of best practices to help ensure the overall information security health of your organization's information systems. The topics covered in this chapter include information security best practices related to: user account security, least functionality, updates and patching, secure configurations, application security, and network security.

What you need for this book

This book will guide you through the installation of all the tools that you need to follow the examples. You will need to install Webstorm version 10 to effectively run the code samples present in this book.

Who this book is for

This book is targeted at the information security professional looking to understand the key success factors needed to build a successful business-aligned information security program. Additionally, this book is well suited for anyone looking to understand the key aspects of an information security program and how they should be implemented within an organizational culture.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The next lines of code read the link and assign it to the <script>123</script>."

New terms and important words are shown in bold. 

Note

Warnings or important notes appear like this.

Note

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book: what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply email [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/InformationSecurityHandbook_ColorImages.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books (maybe a mistake in the text or the code), we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title. To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the internet, please provide us with the location address or website name immediately so that we can pursue a remedy. Please contact us at [email protected] with a link to the suspected pirated material. We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.