Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Information Security Handbook
  • Table Of Contents Toc
Information Security Handbook

Information Security Handbook

By : Darren Death
5 (5)
Buy this Book
close
close
Information Security Handbook

Information Security Handbook

5 (5)
By: Darren Death
Buy this Book

Overview of this book

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book starts with the concept of information security and shows you why it’s important. It then moves on to modules such as threat modeling, risk management, and mitigation. It also covers the concepts of incident response systems, information rights management, and more. Moving on, it guides you to build your own information security framework as the best fit for your organization. Toward the end, you’ll discover some best practices that can be implemented to make your security framework strong. By the end of this book, you will be well-versed with all the factors involved in information security, which will help you build a security framework that is a perfect fit your organization’s requirements.
Table of Contents (16 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Conventions used
Icon
Get in touch
Icon
Reviews
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Chapter 1: Information and Data Security Fundamentals
Icon
Chapter 1: Information and Data Security Fundamentals
Icon
Introduction
Icon
Information security challenges
Icon
Evolution of cybercrime
Icon
The modern role of information security
Icon
Information assurance
Icon
The CIA triad
Icon
Risk management
Icon
Summary
2
Chapter 2: Defining the Threat Landscape
Icon
Chapter 2: Defining the Threat Landscape
Icon
Understanding the organizational context
Icon
Threats
Icon
Hackers and hacking
Icon
Closing information system vulnerabilities
Icon
Summary
3
Chapter 3: Laying a Foundation for Information and Data Security
Icon
Chapter 3: Laying a Foundation for Information and Data Security
Icon
Developing a comprehensive information security program
Icon
Leveraging existing frameworks instead of building from scratch
Icon
Essential factors for information security program success
Icon
Information security policies
Icon
Summary
4
Chapter 4: Information Security Risk Management
Icon
Chapter 4: Information Security Risk Management
Icon
What is information security risk?
Icon
Understanding the ownership and management of information security risk
Icon
Identifying and protecting your organization’s 
valuable data
Icon
Conducting a quick risk assessment
Icon
Risk management is an organizational-wide activity
Icon
The life cycle of risk management in information security
Icon
Information classification and its importance in information security
Icon
Steps in the data classification process
Icon
Establishing impact
Icon
Security control selection
Icon
Calculating risk – a comprehensive look at qualitative and quantitative risk assessments
Icon
Identifying threats and choosing the right approach
Icon
Exploring management approaches to risk
Icon
Summary
5
Chapter 5: Developing Your Information and Data Security Plan
Icon
Chapter 5: Developing Your Information and Data Security Plan
Icon
Determining your information security program objectives
Icon
Foundational information security activities to consider
Icon
Successful information security program elements
Icon
Rightsizing your information security program
Icon
Principles to guarantee the success of your information security program
Icon
Information security program plan elements
Icon
Summary
6
Chapter 6: Continuous Testing and Monitoring
Icon
Chapter 6: Continuous Testing and Monitoring
Icon
Types of technical testing
Icon
SDLC considerations for testing
Icon
SDLC summary
Icon
Continuous monitoring
Icon
Vulnerability assessment
Icon
Penetration testing
Icon
Difference between vulnerability assessments and penetration testing
Icon
Summary
7
Chapter 7: Business Continuity/Disaster Recovery Planning
Icon
Chapter 7: Business Continuity/Disaster Recovery Planning
Icon
Introduction to BCDR
Icon
Designing a BCDR plan
Icon
Defining technical DR mechanisms
Icon
Developing your plan
Icon
Testing the BCDR plan
Icon
Summary
8
Chapter 8: Incident Response Planning
chevron up
Icon
Chapter 8: Incident Response Planning
Icon
What is an IRP?
Icon
Preparation of an IRP
Icon
Identification – detection and analysis
Icon
Identification – incident response tools
Icon
Remediation – containment/recovery/mitigation
Icon
Remediation – incident response tools
Icon
Post-incident activity
Icon
Summary
9
Chapter 9: Developing a Security Operations Center
Icon
Chapter 9: Developing a Security Operations Center
Icon
What is a SOC?
Icon
Management of SOC tools
Icon
SOC toolset design
Icon
SOC roles
Icon
Processes and procedures
Icon
SOC tools
Icon
Summary
10
Chapter 10: Developing an Information Security Architecture Program
Icon
Chapter 10: Developing an Information Security Architecture Program
Icon
What is information security architecture?
Icon
Information security architecture and SDLC/SELC
Icon
Conducting an initial information security analysis
Icon
Developing a security architecture advisement program
Icon
Information security architecture process
Icon
Summary
11
Chapter 11: Cloud Security Considerations
Icon
Chapter 11: Cloud Security Considerations
Icon
Importance of cloud computing
Icon
Cloud computing service models
Icon
Cloud computing deployment models
Icon
Cloud computing management models
Icon
Special considerations for cloud computing
Icon
Summary
12
Chapter 12: Zero Trust Architecture in Information Security
Icon
Chapter 12: Zero Trust Architecture in Information Security
Icon
Zero Trust and its principles
Icon
The history of Zero Trust
Icon
Importance of Zero Trust in cybersecurity
Icon
Shifting from traditional perimeter-based security
Icon
The pillars of Zero Trust
Icon
Summary
13
Chapter 13: Third-Party and Supply Chain Security
Icon
Chapter 13: Third-Party and Supply Chain Security
Icon
Understanding C-SCRM and its importance
Icon
The challenges in managing supply chain cybersecurity risks
Icon
The risks associated with supply chains
Icon
The consequences of supply chain risks
Icon
Methods to identify supply chain risks
Icon
Assessing the severity and likelihood of C-SCRM risks
Icon
Strategies to mitigate supply chain risks
Icon
Integrating C-SCRM into security program and business activities
Icon
Monitoring and reviewing C-SCRM practices
Icon
Summary
14
Index
Icon
Index
Icon
Why subscribe?
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Summary

The incident response plan ensures that the information security program has the necessary people, processes, and technologies in place to respond to an information security incident against your organizational information systems.

In this chapter, you learned:

  • What makes up the incident response plan and why you use one
  • What is needed to establish an effective incident response plan
  • Automation, tools, and techniques needed to effectively support incident response activities

In the next chapter, you will learn about the security operation center. The security operations center serves to provide visibility and responses for the enterprise network, allowing for immediate action if an attacker is detected. The security operations center is a natural extension of the incident response discussion as your security operations center is typically tasked with the implementation and monitoring of the incident response plan.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Information Security Handbook
End of Section 8
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon