The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Landoll Douglas
Old edition
Author: Landoll, Douglas; Title: The Security Risk Assessment Handbook; ISBN: 1439821488; ISBN-13(EAN): 9781439821480; Publisher: Taylor&Francis; Price: 19906.00 rub.; Availability: Delivered to order.
Author: Landoll, Douglas; Title: Security risk assessment handbook; ISBN: 103204165X; ISBN-13(EAN): 9781032041650; Publisher: Taylor&Francis; Price: 9186.00 rub.; Availability: In stock at the supplier. Delivered to order.
Description: The third edition has expanded coverage of essential topics such as threat analysis, data gathering, risk analysis, and risk assessment methods and added coverage of new topics essential for current assessment projects (e.g., cloud security, supply chain management, security risk assessment methods).
Author: Foltz, Kevin E.; Simpson, William R.; Title: Enterprise level security 2; ISBN: 0367531739; ISBN-13(EAN): 9780367531737; Publisher: Taylor&Francis; Price: 12095.00 rub.; Availability: In stock at the supplier. Delivered to order.
Description: Enterprise Level Security 2: Advanced Topics in an Uncertain World follows on from the authors' first book on Enterprise Level Security (ELS), which covered the basic concepts of ELS and the discoveries made during the first eight years of its development. This book follows on from this to give a discussion of advanced topics and solutions.
Author: Kohnke; Title: The Complete Guide to Cybersecurity Risks and Controls; ISBN: 1498740545; ISBN-13(EAN): 9781498740548; Publisher: Taylor&Francis; Price: 18374.00 rub.; Availability: In stock at the supplier. Delivered to order.
Description:
The Complete Guide to Cybersecurity Risks and Controls presents the fundamental concepts of information and communication technology (ICT) governance and control. In this book, you will learn how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data. The book explains how to establish systematic control functions and timely reporting procedures within a standard organizational framework and how to build auditable trust into the routine assurance of ICT operations.
The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls is critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats.
The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge process applies to all operational aspects of ICT responsibilities ranging from upper management policy making and planning, all the way down to basic technology operation.
Past events have shed light on the vulnerability of mission-critical computer systems at highly sensitive levels. It has been demonstrated that common hackers can use tools and techniques downloaded from the Internet to attack government and commercial information systems. Although threats may come from mischief makers and pranksters, they are more likely to result from hackers working in concert for profit, hackers working under the protection of nation states, or malicious insiders.
Securing an IT Organization through Governance, Risk Management, and Audit introduces two internationally recognized bodies of knowledge: Control Objectives for Information and Related Technology (COBIT 5) from a cybersecurity perspective and the NIST Framework for Improving Critical Infrastructure Cybersecurity (CSF). Emphasizing the processes directly related to governance, risk management, and audit, the book provides details of a cybersecurity framework (CSF), mapping each of the CSF steps and activities to the methods defined in COBIT 5. This method leverages operational risk understanding in a business context, allowing the information and communications technology (ICT) organization to convert high-level enterprise goals into manageable, specific goals rather than unintegrated checklist models.
The real value of this methodology is to reduce the knowledge fog that frequently engulfs senior business management, and results in the false conclusion that overseeing security controls for information systems is not a leadership role or responsibility but a technical management task. By carefully reading, implementing, and practicing the techniques and methodologies outlined in this book, you can successfully implement a plan that increases security and lowers risk for you and your organization.
Logosfera LLC (ООО "Логосфера"). Tel.: +7 (495) 980-12-10, www.logobook.ru