Management of Information Security by Michael E. Whitman

By Michael E. Whitman

Administration of data safety, Fourth variation offers readers an summary of data safety and coverage utilizing either family and foreign criteria, all from a administration point of view. starting with the foundational and technical elements of data safety, this version then specializes in entry keep an eye on versions, details defense governance, and data defense application evaluate and metrics.The Fourth variation is revised and up to date to mirror alterations within the box, together with the ISO 27000 sequence, in an effort to organize readers to achieve the office.

Show description

Read or Download Management of Information Security PDF

Best network security books

Hiding in Plain Sight : Steganography and the Art of Covert Communication

* Explains precisely what steganography is-hiding a message inside of an risk free photo or track file-and the way it has develop into a favored instrument for secretly sending and receiving messages for either the great men and the undesirable men * First booklet to explain overseas terrorists' cybersecurity device of selection in an obtainable language * writer is a best safety advisor for the CIA and gives gripping tales that exhibit how steganography works * Appendix offers instruments to assist humans notice and counteract stenanography

Handbook of Risk

The last word resource for chance administration informationBefore stepping into any funding, the chance of that enterprise has to be pointed out and quantified. The instruction manual of chance presents in-depth assurance of possibility from each attainable attitude and illuminates the topic by means of protecting the quantitative and and behavioral matters confronted by means of funding execs on a daily foundation.

Information Security Governance Simplified: From the Boardroom to the Keyboard

Safeguard practitioners has to be in a position to construct economical defense courses whereas additionally complying with executive laws. details protection Governance Simplified: From the Boardroom to the Keyboard lays out those laws basically and explains how you can use regulate frameworks to construct an air-tight info defense (IS) application and governance constitution.

Computer Security Fundamentals

ONE-VOLUME creation TO desktop defense in actual fact explains middle options, terminology, demanding situations, applied sciences, and abilities Covers today’s most recent assaults and countermeasures the best beginner’s advisor for an individual attracted to a working laptop or computer protection profession Chuck Easttom brings jointly whole assurance of all uncomplicated ideas, terminology, and matters, besides the entire abilities you must start.

Extra resources for Management of Information Security

Example text

The InfoSec community must educate and inform the other communities of interest so that InfoSec projects are afforded the same support as other IT and non-IT projects. Resistance to New Technology InfoSec projects often introduce new technologies. Depending on an organization’s appetite for risk, a project may execute technology-based controls that are new to the industry as well as to the organization. Sometimes, the disparate members of the communities of interest that are needed to make a project successful are not open to new or different technologies, and the project manager becomes engaged in debates about technology selections or is required to build consensus around technology choices.

Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Introduction to the Management of Information Security 15 Protection The protection function is executed via a set of risk management activities, including risk assessment and control, as well as protection mechanisms, technologies, and tools.

Each of these plans is usually coordinated across the business and IT functions of the enterprise and placed into a master schedule for implementation. The overall goal is to create plans that support long-term achievement of the overall organizational strategy. If all goes as expected, the entire collection of tactical plans accomplishes the operational goals and the entire collection of operational goals accomplishes the subordinate strategic goals; this helps to meet the strategic goals and objectives of the organization as a whole.

Download PDF sample

Rated 4.92 of 5 – based on 10 votes