book

Cyber Security, 2nd Edition

by David Sutton

December 2022

Intermediate to advanced

222 pages

7h 19m

English

BCS, The Chartered Institute for IT

Read now

Unlock full access

BackgroundThe expectations of users and organisationsCyber security in the wider context
Some thoughts on social, political and other issuesCybercrimeCyber harassment or cyber bullyingCyber warfareCyber surveillanceWhy we should careWhat makes cyber security difficult?
Individual targetsBusiness targetsCritical national infrastructure (CNI) targetsBuilding targetsAcademia and research targetsManufacturing and industry targets
Cyber vulnerabilitiesCyber impacts
Types of attackerMotives: what drives an attackerMeansCyber-attack methodsTypes of cyber-attack and attack vectorsThe risks of conducting a cyber-attack
A general view of riskAssetsThreatsVulnerabilitiesLikelihood or probabilityQualitative and quantitative assessmentsThe risk management process
FailuresBusiness continuityDisaster recovery
General security adviceTechnical security adviceMobile working
Security policies overviewDirective policiesAdministrative policiesCommunal policiesTechnical policies
AwarenessTraining
TrustInformation classificationProtection of shared informationAnonymisation of shared informationRoutes to information sharing
Cyber security standardsISO/IEC 27000 series standardsOther relevant ISO standardsBusiness continuity standardsNational Institute of Standards and Technology (NIST) standards
General cyber security adviceUK government cyber security advice
UK LawEU Directives and Regulations
Generic cyber security training and qualificationsSpecific cyber security training and qualifications
AbbreviationsGlossary

Content preview from Cyber Security, 2nd Edition

6 INFORMATION RISK MANAGEMENT OVERVIEW

In this chapter, we shall review the underlying principle of cyber security – that of information risk management. This chapter is not a detailed review of the subject – you can find this in the second edition of my book Information Risk Management: A Practitioner’s Guide,¹ also published by BCS.

A GENERAL VIEW OF RISK

In Part I of this book, we looked at some of the impacts of cyber-attacks, the threats that can cause them and some of the possible motives behind an attack. Impacts and consequences are just two of the elements of risk management. The others are assets – the things we care about; vulnerabilities – those things that weaken our defences against cyber-attacks; and likelihood or probability ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Fundamentals of Information Systems Security, 4th Edition

Publisher Resources

ISBN: 9781780175973

Cyber Security, 2nd Edition

by David Sutton

6 INFORMATION RISK MANAGEMENT OVERVIEW

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Fundamentals of Information Systems Security, 4th Edition

Fundamentals of Information Systems Security, 3rd Edition

Cyber Security Essentials

Cybersecurity For Dummies, 2nd Edition

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Fundamentals of Information Systems Security, 4th Edition

Fundamentals of Information Systems Security, 3rd Edition

Cyber Security Essentials

Cybersecurity For Dummies, 2nd Edition

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.