Cyber Security: A practitioner's guide

Book Description

Nearly every day we hear news that customer data has been compromised or new bugs have been discovered, leaving personal details open to the risk of falling into the wrong hands. Cyber security is more essential today than ever, not just in the workplace but at home too. This book covers the various types of cyber threat and explains what you can do to mitigate these risks and keep your data secure. The book is crucial reading for businesses wanting to better understand security risks and ensure the safety of organisational and customer data, but will also be valuable to anyone concerned with data protection. Essential reading for both businesses and individuals concerned with data protection; addresses serious cyber threats and how to mitigate these to keep data secure; written by an experienced information security professional and author.

Table of Contents

  1. Front Cover
  2. Half-Title Page
  3. BCS, THE CHARTERED INSTITUTE FOR IT
  4. Title Page
  5. Copyright Page
  6. Contents
  7. List of figures and tables
  8. Author
  9. Acknowledgements
  10. Abbreviations
  11. Preface
  12. Glossary
  13. PART I CYBER SECURITY PROBLEMS
  14. 1. INTRODUCTION
  15. Background
  16. The expectations of users and organisations
  17. Cyber security in the wider context
  18. 2. THE BIG ISSUES
  19. Cybercrime
  20. Cyber harassment or cyber bullying
  21. Cyber warfare
  22. Cyber surveillance
  23. Why we should care
  24. What makes cyber security difficult?
  25. 3. CYBER TARGETS
  26. Individual targets
  27. Business targets
  28. Critical national infrastructure targets
  29. Building targets
  30. Academia and research targets
  31. Manufacturing and industry targets
  32. 4. CYBER VULNERABILITIES AND IMPACTS
  33. Cyber vulnerabilities
  34. Cyber impacts
  35. 5. CYBER THREATS
  36. Types of attacker
  37. Motives – what drives an attacker
  38. Means
  39. Cyber-attack methods
  40. Types of cyber-attack and attack vectors
  41. The risks of conducting a cyber-attack
  42. PART II IMPROVING CYBER SECURITY
  43. 6. RISK MANAGEMENT OVERVIEW
  44. A general view of risk
  45. Assets
  46. Vulnerabilities
  47. Likelihood or probability
  48. Qualitative and quantitative assessments
  49. The risk management process
  50. 7. BUSINESS CONTINUITY AND DISASTER RECOVERY
  51. Business continuity
  52. Disaster recovery
  53. 8. BASIC CYBER SECURITY STEPS
  54. General security advice
  55. Technical security advice
  56. Mobile working
  57. 9. ORGANISATIONAL SECURITY STEPS
  58. Security policies overview
  59. Directive policies
  60. Administrative policies
  61. Communal policies
  62. Technical policies
  63. 10. AWARENESS AND TRAINING
  64. Awareness
  65. Training
  66. 11. INFORMATION SHARING
  67. Trust
  68. Information classification
  69. Protection of shared information
  70. Anonymisation of shared information
  71. Routes to information sharing
  72. PART III APPENDICES
  73. APPENDIX A – STANDARDS
  74. Cyber security standards
  75. ISO/IEC 27000 series standards
  76. Other relevant ISO standards
  77. Business continuity standards
  78. National Institute of Standards and Technology (NIST) standards
  79. APPENDIX B – GOOD PRACTICE GUIDELINES
  80. General cyber security advice
  81. UK government cyber security advice
  82. APPENDIX C – CYBER SECURITY LAW
  83. UK law
  84. EU directives and regulations
  85. Other relevant legislation
  86. APPENDIX D – CYBER SECURITY TRAINING
  87. APPENDIX E – LINKS TO OTHER USEFUL ORGANISATIONS
  88. Further reading
  89. Index