Information security management principles
In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edit...
| Main Author: | |
|---|---|
| Other Authors: | , , |
| Format: | eBook |
| Language: | English |
| Published: |
Swindon, U.K.
BCS Learning & Development Ltd.
2013
|
| Subjects: | |
| Online Access: | |
| Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- Includes bibliographical references and index
- 7 physical and environmental securitylearning outcomes; general controls; physical security; technical security; procedural security; protection of equipment; processes to handle intruder alerts; clear screen and desk policy; moving property on and off site; procedures for secure disposal; security requirements in delivery and loading areas; pointers for activities in this chapter; 8 disaster recovery and business continuity management; learning outcomes; dr/bcp, risk assessment and impact analysis; writing and implementing plans; documentation, maintenance and testing
- Security incident managementlegal framework; security standards and procedures; pointers for activities in this chapter; 4 procedural and people security controls; people; user access controls; training and awareness; pointers for activities in this chapter; 5 technical security controls; protection from malicious software; networks and communications; external services; cloud computing; it infrastructure; pointers for activities in this chapter; 6 software development and life cycle; testing, audit and review; systems development and support; pointers for activities in this chapter
- LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCINGSECURE OFF-SITE STORAGE OF VITAL MATERIAL; INVOLVEMENT OF PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS; SECURITY INCIDENT MANAGEMENT; COMPLIANCE WITH STANDARDS; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; 9 OTHER TECHNICAL ASPECTS; INVESTIGATIONS AND FORENSICS; ROLE OF CRYPTOGRAPHY; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; APPENDIX A; GLOSSARY; INDEX; Back Cover
- Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHORS; ACKNOWLEDGEMENTS; ABBREVIATIONS; PREFACE; 1 INFORMATION SECURITY PRINCIPLES; CONCEPTS AND DEFINITIONS; THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 2 INFORMATION RISK; THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS; RISK MANAGEMENT; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 3 INFORMATION SECURITY FRAMEWORK; ORGANISATIONS AND RESPONSIBILITIES; ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES; INFORMATION SECURITY GOVERNANCE; INFORMATION SECURITY IMPLEMENTATION.