Management of Information Security: Edition 5

Sold by Cengage Learning
Free sample

Readers discover a managerially-focused overview of information security with a thorough treatment of how to most effectively administer it with MANAGEMENT OF INFORMATION SECURITY, 5E. Information throughout helps readers become information security management practitioners able to secure systems and networks in a world where continuously emerging threats, ever-present attacks, and the success of criminals illustrate the weaknesses in current information technologies. Current and future professional managers complete this book with the exceptional blend of skills and experiences to develop and manage the more secure computing environments that today’s organizations need. This edition offers a tightened focus on key executive and managerial aspects of information security while still emphasizing the important foundational material to reinforce key concepts. Updated content reflects the most recent developments in the field, including NIST, ISO, and security governance.
Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
Read more
Collapse
Loading...

Additional Information

Publisher
Cengage Learning
Read more
Collapse
Published on
Mar 22, 2016
Read more
Collapse
Pages
592
Read more
Collapse
ISBN
9781305856257
Read more
Collapse
Read more
Collapse
Best For
Read more
Collapse
Language
English
Read more
Collapse
Genres
Computers / Security / General
Read more
Collapse
Content Protection
This content is DRM protected.
Read more
Collapse

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
With the advances of technology and the reoccurrence of data leaks, cyber security is a bigger challenge than ever before. Cyber attacks evolve as quickly as the technology itself, and hackers are finding more innovative ways to break security controls to access confidential data and to interrupt services. Hackers reinvent themselves using new technology features as a tool to expose companies and individuals. Therefore, cyber security cannot be reactive but must go a step further by implementing proactive security controls that protect one of the most important assets of every organization: the company's information.

This IBM® Redbooks® publication provides information about implementing IBM QRadar® for Security Intelligence and Event Monitoring (SIEM) and protecting an organization's networks through a sophisticated technology, which permits a proactive security posture. It is divided in to the following major sections to facilitate the integration of QRadar with any network architecture:
Chapter 2, "Before the installation" on page 3 provides a review of important requirements before the installation of the product.

Chapter 3, "Installing IBM QRadar V7.3" on page 57 provides step-by-step procedures to guide you through the installation process.

Chapter 4, "After the installation" on page 77 helps you to configure additional features and perform checks after the product is installed.

QRadar is an IBM Security prime product that is designed to be integrated with corporate network devices to keep a real-time monitoring of security events through a centralized console. Through this book, any network or security administrator can understand the product's features and benefits.

 The role of the information security manager has changed. Have you?

The challenges you face as an information security manager (ISM) have increased enormously since the first edition of Once more unto the breach was published.

What seemed exceptional in 2011 is the norm in 2015: vulnerabilities have been experienced across all operating systems, millions of individuals have been affected by data breaches, and countless well-known companies have fallen victim to cyber attacks.

It’s your duty to ensure that your organisation isn’t next.

The ISM’s information security responsibilities now cover all aspects of the organisation and its operations, and relate to the security of information in all forms, locations and transactions across the organisation – and beyond.

Topics covered include:

Project managementPhysical securityPassword managementConsumerisation (BYOD)Audit log managementVulnerability managementCloud computingIncident reportingPenetration testingLinking information security with records managementPrivacy impact assessmentsInternal auditing

In this revised edition of Once more unto the breach, Andrea C Simmons uses her extensive experience to provide an important insight into the changing role and responsibilities of the ISM, walking you through a typical ISM’s year and highlighting the challenges and pitfalls of an information security programme.

One of the key failures of security change management is that it is perceived as a project instead of a programme , and is therefore mistakenly assumed to have an end. Once more unto the breachexplains why information security is an ongoing process, using the role of project manager on a programme of change to highlight the various incidents and issues that arise on an almost daily basis – and often go unnoticed.

A major challenge for the ISM is achieving all-important buy-in from their colleagues. Once more unto the breach explains how to express the importance of the tasks you are undertaking in language that executive management will understand. You’ll also discover the importance of having a camera with you at all times.

For too long, security has been seen as more of an inhibitor than an enabler. Once more unto the breach is an invaluable resource that will help you improve this perception, and achieve better overall information protection results as a result.

About the author

Andrea C Simmons is an information governance specialist with extensive experience in the private and public sectors. She has made significant contributions to the development of standards and industry research, and is currently working on a PhD in information assurance. She writes articles and blogs, and presents at conferences, seminars and workshops. Andrea is a member of many professional bodies and has just been awarded Senior Member status by the Information Systems Security Association (ISSA).

Buy this book and understand the latest challenges information security managers face.

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
©2019 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.