av Darren Death
626,-
A practical guide to establishing a risk-based, business-focused information security program to ensure organizational successKey FeaturesFocus on business alignment, engagement, and support using risk-based methodologiesEstablish organizational communication and collaboration emphasizing a culture of securityImplement information security program, cybersecurity hygiene, and architectural and engineering best practicesPurchase of the print or Kindle book includes a free PDF eBookBook DescriptionInformation Security Handbook is a practical guide that'll empower you to take effective actions in securing your organization's assets. Whether you are an experienced security professional seeking to refine your skills or someone new to the field looking to build a strong foundation, this book is designed to meet you where you are and guide you toward improving your understanding of information security.Each chapter addresses the key concepts, practical techniques, and best practices to establish a robust and effective information security program. You'll be offered a holistic perspective on securing information, including risk management, incident response, cloud security, and supply chain considerations. This book has distilled years of experience and expertise of the author, Darren Death, into clear insights that can be applied directly to your organization's security efforts. Whether you work in a large enterprise, a government agency, or a small business, the principles and strategies presented in this book are adaptable and scalable to suit your specific needs.By the end of this book, you'll have all the tools and guidance needed to fortify your organization's defenses and expand your capabilities as an information security practitioner.What you will learnIntroduce information security program best practices to your organizationLeverage guidance on compliance with industry standards and regulationsImplement strategies to identify and mitigate potential security threatsIntegrate information security architecture and engineering principles across the systems development and engineering life cycleUnderstand cloud computing, Zero Trust, and supply chain risk managementWho this book is forThis book is for information security professionals looking to understand critical success factors needed to build a successful, business-aligned information security program. Additionally, this book is well suited for anyone looking to understand key aspects of an information security program and how it should be implemented within an organization. If you're looking for an end-to-end guide to information security and risk analysis with no prior knowledge of this domain, then this book is for you.Table of ContentsInformation and Data Security FundamentalsDefining the Threat LandscapeLaying a Foundation for Information and Data Security Information Security Risk ManagementDeveloping Your Information and Data Security PlanContinuous Testing and MonitoringBusiness Continuity/Disaster Recovery Planning Incident Response Planning Developing a Security Operations CenterDeveloping an Information Security Architecture ProgramCloud Security ConsiderationsZero Trust Architecture in Information SecurityThird-Party and Supply Chain Security