Information security governance simplified, Fitzgerald, Todd (Grant Thornton International, Ltd., Oak Brook Terrace, Illinois, USA)
Author: Volchkov, Andrej Title: Information security governance ISBN: 0815356447 ISBN-13(EAN): 9780815356448 Publisher: Taylor&Francis Rating: Price: 9033.00 RUB Availability: Available from supplier. Delivery to order.
Description: This book presents a framework to model the main activities of information security management and governance. The same model can be used for any security sub-domain such as cybersecurity, data protection, access rights management, business continuity, etc.
Author: Kohnke Title: The Complete Guide to Cybersecurity Risks and Controls ISBN: 1498740545 ISBN-13(EAN): 9781498740548 Publisher: Taylor&Francis Rating: Price: 18374.00 RUB Availability: Available from supplier. Delivery to order.
Description:
The Complete Guide to Cybersecurity Risks and Controls presents the fundamental concepts of information and communication technology (ICT) governance and control. In this book, you will learn how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data. The book explains how to establish systematic control functions and timely reporting procedures within a standard organizational framework and how to build auditable trust into the routine assurance of ICT operations.
The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls is critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats.
The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge process applies to all operational aspects of ICT responsibilities ranging from upper management policy making and planning, all the way down to basic technology operation.
Author: Bone Title: Cognitive Hack ISBN: 149874981X ISBN-13(EAN): 9781498749817 Publisher: Taylor&Francis Rating: Price: 12554.00 RUB Availability: Available from supplier. Delivery to order.
Description: This book explores a broad cross section of research and actual case studies to draw out new insights that may be used to build a benchmark for IT security professionals. This research takes a deeper dive beneath the surface of the analysis to uncover novel ways to mitigate data security vulnerabilities, connect the dots and identify patterns in the data on breaches. This analysis will assist security professionals not only in benchmarking their risk management programs but also in identifying forward looking security measures to narrow the path of future vulnerabilities.
Author: Kohnke Title: Implementing Cybersecurity ISBN: 149878514X ISBN-13(EAN): 9781498785143 Publisher: Taylor&Francis Rating: Price: 18374.00 RUB Availability: Available from supplier. Delivery to order.
Description: The book provides the complete strategic understanding requisite to allow a person to create and use the RMF process recommendations for risk management. This will be the case both for applications of the RMF in corporate training situations, as well as for any individual who wants to obtain specialized knowledge in organizational risk management. It is an all-purpose roadmap of sorts aimed at the practical understanding and implementation of the risk management process as a standard entity. It will enable an "application" of the risk management process as well as the fundamental elements of control formulation within an applied context.
Author: Thompson Title: The Insider Threat ISBN: 1498747086 ISBN-13(EAN): 9781498747080 Publisher: Taylor&Francis Rating: Price: 10411.00 RUB Availability: Available from supplier. Delivery to order.
Description: This book provides emergent knowledge relating to physical, cyber, and human risk mitigation in a practical and readable approach for the corporate environment. The book guides readers to a greater depth of understanding and action-oriented options.
Past events have shed light on the vulnerability of mission-critical computer systems at highly sensitive levels. It has been demonstrated that common hackers can use tools and techniques downloaded from the Internet to attack government and commercial information systems. Although threats may come from mischief makers and pranksters, they are more likely to result from hackers working in concert for profit, hackers working under the protection of nation states, or malicious insiders.
Securing an IT Organization through Governance, Risk Management, and Audit introduces two internationally recognized bodies of knowledge: Control Objectives for Information and Related Technology (COBIT 5) from a cybersecurity perspective and the NIST Framework for Improving Critical Infrastructure Cybersecurity (CSF). Emphasizing the processes directly related to governance, risk management, and audit, the book provides details of a cybersecurity framework (CSF), mapping each of the CSF steps and activities to the methods defined in COBIT 5. This method leverages operational risk understanding in a business context, allowing the information and communications technology (ICT) organization to convert high-level enterprise goals into manageable, specific goals rather than unintegrated checklist models.
The real value of this methodology is to reduce the knowledge fog that frequently engulfs senior business management, and results in the false conclusion that overseeing security controls for information systems is not a leadership role or responsibility but a technical management task. By carefully reading, implementing, and practicing the techniques and methodologies outlined in this book, you can successfully implement a plan that increases security and lowers risk for you and your organization.
Author: F. Smallwood, Robert Title: Information governance for healthcare professionals ISBN: 1138568066 ISBN-13(EAN): 9781138568068 Publisher: Taylor&Francis Rating: Price: 10564.00 RUB Availability: Delivery to order.
Description: Like other critical organizational assets, information is a strategic asset that requires a high level of oversight in order to be able to effectively use it for organizational decision-making, performance improvement, cost management, and risk mitigation. Adopting an information governance program shows a healthcare organization’s commitment to managing its information as a valued strategic asset. Information governance serves the dual purpose of optimizing the ability to extract clinical and business value from healthcare information while meeting compliance needs and mitigating risk. Healthcare organizations that have information governance programs will have a competitive edge over others and contribute to safety and quality of care, population health, operational efficiency and effectiveness, and cost reduction initiatives. This is a much-needed book in the healthcare market space. It will explain, in clear terms, how to develop, launch, and oversee an Information Governance program. It also provides advice and insights from leading IG, cybersecurity and information privacy professionals in healthcare.
Description: Constitutes the refereed proceedings of the IFIP TC 11 23rd International Information Security Conference held at the 20th World Computer Congress in Milano, Italy on September 7-10, 2008. This book features proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields.
Author: Layton Title: Information Security ISBN: 0849370876 ISBN-13(EAN): 9780849370878 Publisher: Taylor&Francis Rating: Price: 19140.00 RUB Availability: Available from supplier. Delivery to order.
Description: Presents a perspective of the ISO/IEC 17799 Information Security Standard and provides an analysis of how to effectively measure an information security program using this standard. This book includes a qualitative-based risk assessment methodology.
Description: Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2® CISSP Common Body of Knowledge (CBK®), this volume features new information on advanced persistent threats, HIPAA requirements, social networks, virtualization, and SOA. Its comprehensive coverage touches on all the key areas IT security professionals need to know, including:
Access Control: Technologies and administration including the requirements of current laws
Telecommunications and Network Security: Addressing the Internet, intranet, and extranet
Information Security and Risk Management: Organizational culture, preparing for a security audit, and the risks of social media
Application Security: Ever-present malware threats and building security into the development process
Security Architecture and Design: Principles of design including zones of trust
Cryptography: Elliptic curve cryptosystems, format-preserving encryption
Operations Security: Event analysis
Business Continuity and Disaster Recovery Planning: Business continuity in the cloud
Legal, Regulations, Compliance, and Investigation: Persistent threats and incident response in the virtual realm
Physical Security: Essential aspects of physical security
The ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications.
This handbook is also available on CD.
Description: These proceedings contain the papers selected for presentation at the 23rd International Information Security Conference (SEC 2008), co-located with IFIP World Computer Congress (WCC 2008), September 8-10, 2008 in Milan, Italy. Of the papers submitted, 42 full papers and 11 short papers were selected for presentation at the conference.
Author: Dengguo Feng Title: Trusted Computing: Principles and Applications ISBN: 3110476045 ISBN-13(EAN): 9783110476040 Publisher: Walter de Gruyter Rating: Price: 18586.00 RUB Availability: Available from supplier. Delivery to order.
Description: The book summarizes key concepts and theories in trusted computing, e.g., TPM, TCM, mobile modules, chain of trust, trusted software stack, etc., and discusses the configuration of trusted platforms and network connections. It also emphasizes the application of such technologies in practice, extending readers from computer science and information science researchers to industrial engineers.
LLC "Logosfera" Tel: +7(495) 980-12-10 www.logobook.ru