Book Image

Information Security Handbook - Second Edition

By : Darren Death
Book Image

Information Security Handbook - Second Edition

By: Darren Death

Overview of this book

Information Security Handbook is a practical guide that’ll empower you to take effective actions in securing your organization’s assets. Whether you are an experienced security professional seeking to refine your skills or someone new to the field looking to build a strong foundation, this book is designed to meet you where you are and guide you toward improving your understanding of information security. Each chapter addresses the key concepts, practical techniques, and best practices to establish a robust and effective information security program. You’ll be offered a holistic perspective on securing information, including risk management, incident response, cloud security, and supply chain considerations. This book has distilled years of experience and expertise of the author, Darren Death, into clear insights that can be applied directly to your organization’s security efforts. Whether you work in a large enterprise, a government agency, or a small business, the principles and strategies presented in this book are adaptable and scalable to suit your specific needs. By the end of this book, you’ll have all the tools and guidance needed to fortify your organization’s defenses and expand your capabilities as an information security practitioner.

Related Content you might be interested in

Current Title:

Small book image
Information Security Handbook - Second Edition
Darren Death
Oct, 2023 | 370 pages
Small book image
Mastering Cloud Security Posture Management (CSPM)
Qamar Nomani
Jan, 2024 | 472 pages
Small book image
Mastering Information Security Compliance Management
Adarsh Nair | Greeshma M R
Aug, 2023 | 236 pages
Small book image
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
Shobhit Mehta
Sep, 2023 | 316 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Reviews
Share Your Thoughts
Download a free PDF copy of this book
1
Chapter 1: Information and Data Security Fundamentals
Chapter 1: Information and Data Security Fundamentals
Introduction
Information security challenges
Evolution of cybercrime
The modern role of information security
Information assurance
The CIA triad
Risk management
Summary
Free Chapter
2
Chapter 2: Defining the Threat Landscape
Chapter 2: Defining the Threat Landscape
Understanding the organizational context
Threats
Hackers and hacking
Closing information system vulnerabilities
Summary
3
Chapter 3: Laying a Foundation for Information and Data Security
Chapter 3: Laying a Foundation for Information and Data Security
Developing a comprehensive information security program
Leveraging existing frameworks instead of building from scratch
Essential factors for information security program success
Information security policies
Summary
4
Chapter 4: Information Security Risk Management
Chapter 4: Information Security Risk Management
What is information security risk?
Understanding the ownership and management of information security risk
Identifying and protecting your organization’s 
valuable data
Conducting a quick risk assessment
Risk management is an organizational-wide activity
The life cycle of risk management in information security
Information classification and its importance in information security
Steps in the data classification process
Establishing impact
Security control selection
Calculating risk – a comprehensive look at qualitative and quantitative risk assessments
Identifying threats and choosing the right approach
Exploring management approaches to risk
Summary
5
Chapter 5: Developing Your Information and Data Security Plan
Chapter 5: Developing Your Information and Data Security Plan
Determining your information security program objectives
Foundational information security activities to consider
Successful information security program elements
Rightsizing your information security program
Principles to guarantee the success of your information security program
Information security program plan elements
Summary
6
Chapter 6: Continuous Testing and Monitoring
Chapter 6: Continuous Testing and Monitoring
Types of technical testing
SDLC considerations for testing
SDLC summary
Continuous monitoring
Vulnerability assessment
Penetration testing
Difference between vulnerability assessments and penetration testing
Summary
7
Chapter 7: Business Continuity/Disaster Recovery Planning
Chapter 7: Business Continuity/Disaster Recovery Planning
Introduction to BCDR
Designing a BCDR plan
Defining technical DR mechanisms
Developing your plan
Testing the BCDR plan
Summary
8
Chapter 8: Incident Response Planning
Chapter 8: Incident Response Planning
What is an IRP?
Preparation of an IRP
Identification – detection and analysis
Identification – incident response tools
Remediation – containment/recovery/mitigation
Remediation – incident response tools
Post-incident activity
Summary
9
Chapter 9: Developing a Security Operations Center
Chapter 9: Developing a Security Operations Center
What is a SOC?
Management of SOC tools
SOC toolset design
SOC roles
Processes and procedures
SOC tools
Summary
10
Chapter 10: Developing an Information Security Architecture Program
Chapter 10: Developing an Information Security Architecture Program
What is information security architecture?
Information security architecture and SDLC/SELC
Conducting an initial information security analysis
Developing a security architecture advisement program
Information security architecture process
Summary
11
Chapter 11: Cloud Security Considerations
Chapter 11: Cloud Security Considerations
Importance of cloud computing
Cloud computing service models
Cloud computing deployment models
Cloud computing management models
Special considerations for cloud computing
Summary
12
Chapter 12: Zero Trust Architecture in Information Security
Chapter 12: Zero Trust Architecture in Information Security
Zero Trust and its principles
The history of Zero Trust
Importance of Zero Trust in cybersecurity
Shifting from traditional perimeter-based security
The pillars of Zero Trust
Summary
13
Chapter 13: Third-Party and Supply Chain Security
Chapter 13: Third-Party and Supply Chain Security
Understanding C-SCRM and its importance
The challenges in managing supply chain cybersecurity risks
The risks associated with supply chains
The consequences of supply chain risks
Methods to identify supply chain risks
Assessing the severity and likelihood of C-SCRM risks
Strategies to mitigate supply chain risks
Integrating C-SCRM into security program and business activities
Monitoring and reviewing C-SCRM practices
Summary
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Identification – detection and analysis

A crucial concept to understand and develop as a core component of your incident response capability is the concept of incident triage. The reality is that not all incidents are treated the same, and by using a triage approach, you can focus on important events while ignoring irrelevant noise.

The following list offers a sampling of potential attack vectors that an attacker might use and an incident responder must be prepared to address. Each category is distinct in terms of exploitation and will require different mechanisms to discover abnormal behavior:

  • Compromised credentials: Attacks made possible due to harvesting information system credentials:
    • System (OS)/service account compromises
    • User account compromises
  • Web attacks: Attack vectors that use a web browser to install malware or harvest credentials:
    • Drive-by downloads
    • Cross-site scripting
  • Removable media: Attacks delivered via removable media:
    • USB thumb drives or DVDs...
Previous Section
End of Section 4
Next Section