Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Infosec Strategies and Best Practices
  • Table Of Contents Toc
  • Feedback & Rating feedback
Infosec Strategies and Best Practices

Infosec Strategies and Best Practices

By : MacMillan
4.9 (14)
Buy this Book
close
close
Infosec Strategies and Best Practices

Infosec Strategies and Best Practices

4.9 (14)
By: MacMillan
Buy this Book

Overview of this book

Information security and risk management best practices enable professionals to plan, implement, measure, and test their organization's systems and ensure that they're adequately protected against threats. The book starts by helping you to understand the core principles of information security, why risk management is important, and how you can drive information security governance. You'll then explore methods for implementing security controls to achieve the organization's information security goals. As you make progress, you'll get to grips with design principles that can be utilized along with methods to assess and mitigate architectural vulnerabilities. The book will also help you to discover best practices for designing secure network architectures and controlling and managing third-party identity services. Finally, you will learn about designing and managing security testing processes, along with ways in which you can improve software security. By the end of this infosec book, you'll have learned how to make your organization less vulnerable to threats and reduce the likelihood and impact of exploitation. As a result, you will be able to make an impactful change in your organization toward a higher level of information security.
Table of Contents (13 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Reviews
1
Section 1: Information Security Risk Management and Governance
Icon
Section 1: Information Security Risk Management and Governance
Lock Free Chapter
2
Chapter 1: InfoSec and Risk Management
Icon
Chapter 1: InfoSec and Risk Management
Icon
Basic InfoSec terminology
Icon
Understanding why risk management is important
Icon
Performing a basic risk assessment
Icon
Considering legal regulations, investigations, and compliance structures
Icon
Proven methodologies in creating a strategy
Icon
Summary
3
Chapter 2: Protecting the Security of Assets
chevron up
Icon
Chapter 2: Protecting the Security of Assets
Icon
Implementing an ISMS
Icon
Identifying and classifying information assets
Icon
Securing information assets
Icon
Disposing of assets
Icon
Summary
4
Section 2: Closing the Gap: How to Protect the Organization
Icon
Section 2: Closing the Gap: How to Protect the Organization
5
Chapter 3: Designing Secure Information Systems
Icon
Chapter 3: Designing Secure Information Systems
Icon
Understanding the risks your organization faces
Icon
Best practices in assessing and mitigating vulnerabilities
Icon
Best practices in designing secure information systems
Icon
Summary
6
Chapter 4: Designing and Protecting Network Security
Icon
Chapter 4: Designing and Protecting Network Security
Icon
Designing secure network architectures
Icon
Strategies for protecting network security
7
Chapter 5: Controlling Access and Managing Identity
Icon
Chapter 5: Controlling Access and Managing Identity
Icon
Access control models and concepts
Icon
Selecting and implementing authentication and authorization mechanisms
Icon
Identity and access management (IAM)
Icon
Controlling physical access to assets
Icon
Summary
8
Section 3: Operationalizing Information Security
Icon
Section 3: Operationalizing Information Security
9
Chapter 6: Designing and Managing Security Testing Processes
Icon
Chapter 6: Designing and Managing Security Testing Processes
Icon
Preparing for security assessments
Icon
Understanding the different types of security assessments
Icon
Best practices in performing security assessments
Icon
Interpreting results from security assessments
Icon
Summary
10
Chapter 7: Owning Security Operations
Icon
Chapter 7: Owning Security Operations
Icon
Effective strategies in provisioning resources and maintaining assets
Icon
Focusing on availability, disaster recovery, and business continuity
Icon
Managing upgrades, patching, and applying security controls
Icon
Investigating events and responding to incidents
Icon
Implementing and utilizing detective controls
Icon
Using security monitoring to improve visibility
Icon
Security monitoring best practices
Icon
Summary
11
Chapter 8: Improving the Security of Software
Icon
Chapter 8: Improving the Security of Software
Icon
Exploring software security paradigms
Icon
Understanding the secure development life cycle
Icon
Utilizing the OWASP Top 10 Proactive Controls
Icon
Assessing software security
Icon
Summary
Icon
Why subscribe?
12
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Leave a review - let other readers know what you think

Securing information assets

This section is all about implementing the appropriate information security controls for assets. I've been thinking about this section for a while, trying to understand how to tackle it best for you.

I know you probably have experience with choosing and implementing controls, and I don't want this section to end up being half of the entire book, just droning on and on about different types of controls or all of the great vendors out there who want to sell you a silver bullet to fix all of your issues. I'm going to go into many different controls and ideologies in the following chapters, anyway.

Instead, in this chapter, I want to make sure that we focus on heavy-hitting, effective ideologies to understand in order to select the appropriate controls, meaning that the asset is considered "secure enough" based on its criticality and classification.

There are different classes that split up the types of controls:

    ...
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Infosec Strategies and Best Practices
End of Section 3
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon