home libri books Fumetti ebook dvd top ten sconti 0 Carrello


Torna Indietro

pompon raymond - it security risk control management

IT Security Risk Control Management An Audit Preparation Plan




Disponibilità: Normalmente disponibile in 15 giorni
A causa di problematiche nell'approvvigionamento legate alla Brexit sono possibili ritardi nelle consegne.


PREZZO
64,98 €
NICEPRICE
61,73 €
SCONTO
5%



Questo prodotto usufruisce delle SPEDIZIONI GRATIS
selezionando l'opzione Corriere Veloce in fase di ordine.


Pagabile anche con Carta della cultura giovani e del merito, 18App Bonus Cultura e Carta del Docente


Facebook Twitter Aggiungi commento


Spese Gratis

Dettagli

Genere:Libro
Lingua: Inglese
Editore:

Apress

Pubblicazione: 09/2016
Edizione: 1st ed.





Trama

Follow step-by-step guidance to craft a successful security program. You will identify with the paradoxes of information security and discover handy tools that hook security controls into business processes.

Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking.

What You Will Learn:

  • Build a security program that will fit neatly into an organization and change dynamically to suit both the needs of the organization and survive constantly changing threats
  • Prepare  for and pass such common audits as PCI-DSS, SSAE-16, and ISO 27001
  • Calibrate the scope, and customize security controls to fit into an organization’s culture
  • Implement the most challenging processes, pointing out common pitfalls and distractions
  • Frame security and risk issues to be clear and actionable so that decision makers, technical personnel, and users will listen and value your advice

Who This Book Is For:

IT professionals moving into the security field; new security managers, directors, project heads, and would-be CISOs; and security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals)





Sommario

Part I: Getting a Handle on Things

Chapter 1: Why Audit

Chapter 2: Assume Breach

Chapter 3: Risk Analysis: Assets and Impacts

Chapter 4: Risk Analysis: Natural Threats

Chapter 5: Risk Analysis: Adversarial Risk

Part II: Wrangling the Organization

Chapter 6: Scope

Chapter 7: Governance

Chapter 8: Talking to the Suits

Chapter 9: Talking to the Techs<

Chapter 10: Talking to the Users

Part III: Managing Risk with Controls

Chapter 11: Policy

Chapter 12: Control Design

Chapter 13: Administrative Controls

Chapter 14: Vulnerability Management

Chapter 15: People Controls

Chapter 16: Logical Access Control

Chapter 17: Network Security Controls

Chapter 18: More Technical Controls

Chapter 19: Physical Security Controls

Part IV: Being Audited

Chapter 20: Response Controls

Chapter 21: Starting the Audit

Chapter 22: Internal Audit

Chapter 23: Third Party Security

Chapter 24: Post Audit Improvement

 





Autore

Ray Pompon is currently the Director of Security at Linedata. With over 20 years of experience in Internet security, he works closely with Federal investigators in cyber-crime investigations and apprehensions. He has been directly involved in several major intrusion cases, including the FBI undercover Flyhook operation and the NW Hospital botnet prosecution. For six years, Ray was president and founder of the Seattle chapter of InfraGard, the FBI public-private partnership. He is a lecturer and on the board of advisors for three information assurance certificate programs at the University of Washington. Ray has written many articles and white papers on advanced technology topics and is frequently asked to speak as a subject matter expert on Internet security issues. National journalists have solicited and quoted his thoughts and perspective on the topic of computer security numerous times. He is a Certified Information Systems Security Professional as well as GIAC certified in the Law of Data Security & Investigations.











Altre Informazioni

ISBN:

9781484221396

Condizione: Nuovo
Dimensioni: 254 x 178 mm Ø 662 gr
Formato: Brossura
Illustration Notes:XXXI, 311 p. 33 illus., 11 illus. in color.
Pagine Arabe: 311
Pagine Romane: xxxi


Dicono di noi