Cyber Resilience  
Published by IT Governance Publishing
Publication Date:  Available in all formats
ISBN: 9781787784406
Pages: 0

Description
We live in a world where technology and vast quantities of data play a considerable role in everyday life, both personal and professional. For the foreseeable future (and perhaps beyond), the growth and prominence of data in business show no signs of slowing down, even if the technology in question will likely change in ways perhaps unimaginable today. Naturally, all this innovation brings huge opportunities and benefits to organisations and people alike. However, these come at more than just a financial cost.

In the world as we know it, you can be attacked both physically and virtually. For today’s organisations, which rely so heavily on technology – particularly the Internet – to do business, the latter attack is the far more threatening of the two. The cyber threat landscape is complex and constantly changing. For every vulnerability fixed, another pops up, ripe for exploitation. Worse, when a vulnerability is identified, a tool that can exploit it is often developed and used within hours – faster than the time it normally takes for the vendor to release a patch, and certainly quicker than the time many organisations take to install that patch.

This book has been divided into two parts:
  • Part 1: Security principles.
  • Part 2: Reference controls.

Part 1 is designed to give you a concise but solid grounding in the principles of good security, covering key terms, risk management, different aspects of security, defence in depth, implementation tips, and more. This part is best read from beginning to end.

Part 2 is intended as a useful reference, discussing a wide range of good-practice controls (in alphabetical order) you may want to consider implementing. Each control is discussed at a high level, focusing on the broader principles, concepts and points to consider, rather than specific solutions. Each control has also been written as a stand-alone chapter, so you can just read the controls that interest you, in an order that suits you.
Table of contents
  • Cover
  • Title
  • Copyright
  • Contents
  • About the author
  • Acknowledgements
  • Introduction
  • Part 1: Security principles
    • Chapter 1: The cyber threat landscape
    • Chapter 2: Legal and contractual requirements
    • Chapter 3: Key terms and concepts
    • Chapter 4: Managing the risks
    • Chapter 5: Three security pillars
    • Chapter 6: Layers of defence in depth
    • Chapter 7: Mapping the layers against the Part 2 reference controls
    • Chapter 8: Implementation tips
  • Part 2: Reference controls
    • Chapter 9: Asset management
    • Chapter 10: Board-level commitment and involvement
    • Chapter 11: Business continuity management
    • Chapter 12: Configuration and patch management
    • Chapter 13: Continual improvement process
    • Chapter 14: Encryption
    • Chapter 15: External certification/validation
    • Chapter 16: Identity and access control
    • Chapter 17: Incident response management
    • Chapter 18: Internal audits
    • Chapter 19: Malware protection
    • Chapter 20: Network and communications security
    • Chapter 21: Physical and environmental security
    • Chapter 22: Security monitoring
    • Chapter 23: Security policies
    • Chapter 24: Staff training and awareness
    • Chapter 25: Supply chain security
    • Chapter 26: System security
    • Chapter 27: Vulnerability scanning and penetration testing
  • GRC International Group PLC resources