Book description
This book explains the ongoing war between private business and cyber criminals, state-sponsored attackers, terrorists, and hacktivist groups. Further, it explores the risks posed by trusted employees that put critical information at risk through malice, negligence, or simply making a mistake. It clarifies the historical context of the current situation as it relates to cybersecurity, the challenges facing private business, and the fundamental changes organizations can make to better protect themselves. The problems we face are difficult, but they are not hopeless.
Cybercrime continues to grow at an astounding rate. With constant coverage of cyber-attacks in the media, there is no shortage of awareness of increasing threats. Budgets have increased and executives are implementing stronger defenses. Nonetheless, breaches continue to increase in frequency and scope.
Building a Comprehensive IT Security Program shares why organizations continue to fail to secure their critical information assets and explains the internal and external adversaries facing organizations today. This book supplies the necessary knowledge and skills to protect organizations better in the future by implementing a comprehensive approach to security.
Jeremy Wittkop's security expertise and critical experience provides insights into topics such as:
Who is attempting to steal information and why?
What are critical information assets?
How are effective programs built?
How is stolen information capitalized?
How do we shift the paradigm to better protect our organizations?
How we can make the cyber world safer for everyone to do business?
Table of contents
- Cover
- Frontmatter
- 1. The Problem We Are Facing
- 2. Protecting Critical Assets
- 3. Monetizing Risk
- 4. Security Intelligence Model
- 5. Incident Response Planning
- 6. The People Problem
- 7. Assigning Accountability
- 8. Shifting the Paradigm
- 9. The Definition of Insanity
- 10. Deja Vu
- 11. The Information Security Community
- 12. Partnering with Governments
- Backmatter
Product information
- Title: Building a Comprehensive IT Security Program: Practical Guidelines and Best Practices
- Author(s):
- Release date: August 2016
- Publisher(s): Apress
- ISBN: 9781484220535
You might also like
book
Building an Information Security Awareness Program
The best defense against the increasing threat of social engineering attacks is Security Awareness Training to …
book
Practical Internet of Things Security - Second Edition
A practical, indispensable security guide that will navigate you through the complex realm of securely building …
book
Infosec Strategies and Best Practices
Advance your career as an information security professional by turning theory into robust solutions to secure …
book
Designing a HIPAA-Compliant Security Operations Center: A Guide to Detecting and Responding to Healthcare Breaches and Events
Develop a comprehensive plan for building a HIPAA-compliant security operations center, designed to detect and respond …