Chapter 2: Protecting the Security of Assets

Originally, the concept for the start of this chapter was to ask you "How can you protect an organization if you don't know what assets they have?". We both know the answer to that question is "You can't," and we've probably been asked this question a thousand times between the two of us, so I'm not going to ask it. Instead, I'm going to show you how you might structure the appropriate processes at your organization in order to discover and protect its assets.

These various processes combine to create what is known as an Information Security Management System (ISMS). We covered various key concepts in Chapter 1, InfoSec and Risk Management, but overall, there was much less structure than most organizations ...

Get Infosec Strategies and Best Practices now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Infosec Strategies and Best Practices by Joseph MacMillan

Chapter 2: Protecting the Security of Assets

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly