book

The Information Systems Security Officer's Guide, 3rd Edition

Name: The Information Systems Security Officer's Guide, 3rd Edition
Author: Gerald L. Kovacich
ISBN: 9780128023792

by Gerald L. Kovacich

January 2016

Beginner

360 pages

10h 7m

English

Butterworth-Heinemann

Read now

Unlock full access

Cover image
Title page
Table of Contents
Copyright
Dedication
About the Author
Preface
Acknowledgments
Introduction
Section I. The Working Environment of the Cyber Security Officer

Introduction
Chapter 1. Understanding the Past and Present Cyber-Information World Environment
Ah, the Good Ol’ Days!Global Information InfrastructureNational Information InfrastructureHow Did We Get from Adam to the Internet?Changing Criminal Justice SystemsThe Human FactorSummary
Chapter 2. Understanding the Past and Present Global Business and Management Environment
The Changing Business and Government EnvironmentsUnderstanding the Business EnvironmentManagement Responsibilities and Communicating with ManagementCreating a Competitive Advantage through a Cyber Security ProgramService, Support, and a Business OrientationBusiness Managers and Cyber securityWhat Company Managers Should Ask of Their Cyber Security ProfessionalsWhat Cyber Security Professionals Should DoQuestions to ConsiderSummary
Chapter 3. An Overview of Related World Views of Cyber Security
Evolution of Laws, Standards, Policies, and ProceduresGlobal via the UNThe EUAsiaSouth AmericaAfricaCanadaUnited StatesSummary
Chapter 4. A Glimpse at the History of Technology
What Is Technology?From Cave Man to Cyber Security Professional and Information WarriorRevolutions and Evolutions in High TechnologyFrom the Twentieth Century to Today: Technology and the Advent of High TechnologyThe InternetThe High-Technology-Driven PhenomenonFaster and More Massive High-Technology-Driven CommunicationsThe Beneficial Effect of Hacker Tools and Other Malicious Software on Network Security with Dual Roles as Cyber Security ToolsOther High-Technology Tools in Cyber SecurityWelcome to the Twenty-First-Century TechnologySummary
Chapter 5. Understanding Today’s Threats in the Cyber Vapor—“War Stories” from the Front Lines
Reported Digital Battlefield Attacks and Related StoriesSummary
Section II. The Duties and Responsibilities of a Cyber Security Officer
Introduction
Chapter 6. The Cyber Security Officer’s Position, Duties, and Responsibilities
IntroductionThe Cyber Security Officer in a Global CorporationCyber Security Officer Duties and ResponsibilitiesGoals and ObjectivesLeadership PositionVision, Mission, and Quality StatementsCyber Security PrinciplesProject and Risk Management ProcessesCyber Security Officer and Organizational ResponsibilitiesSummary
Chapter 7. The Cyber Security Program’s Strategic, Tactical, and Annual Plans
IntroductionCorporate’s Cyber Security Strategic PlanCorporate’s Cyber Security Tactical PlanCyber Security Annual PlanQuestions to ConsiderSummary
Chapter 8. Establishing a Cyber Security Program and Organization
IntroductionCorporate Cyber Security ProgramCyber Security Officer Thought Process in Establishing the Cyber Security OrganizationQuestions to ConsiderSummary
Chapter 9. Determining and Establishing Cyber Security Functions
IntroductionProcessesValuing InformationInternational Widget Corporation (IWC) Cyber Security Program Functions Process DevelopmentCyber Security Officer’s Cyber Security Program FunctionsAccess Control and Access Control SystemsEvaluation of All Hardware, Firmware, and SoftwareRisk Management ProgramSecurity Tests and Evaluations ProgramNoncompliance InquiriesContingency and Emergency Planning and Disaster Recovery ProgramQuestions to ConsiderSummary
Chapter 10. Establishing a Metrics Management System
IntroductionMetrics 1: Cyber Security Program Level of Effort Drivers—Number of UsersExamples of Other Metrics ChartsProject ManagementQuestions to ConsiderSummary
Chapter 11. Annual Reevaluation and Future Plans
IntroductionOne-Year ReviewCyber Security Program Strategic, Tactical, and Annual PlansLinking Cyber Security Program Accomplishments to Corporate GoalsMetrics AnalysisPlanning for Next YearQuestions to ConsiderSummary
Chapter 12. High-Technology Crimes Investigative Support
IntroductionDuties and Responsibilities of a Cyber Security Officer in Deterring High-Technology CrimesAssisting with Computer Forensics SupportDealing with Law EnforcementQuestions to ConsiderSummary
Section III. The Global, Professional, and Personal Challenges of a Cyber Security Officer
Introduction
Chapter 13. Introduction to Global Information Warfare
The PossibilitiesIntroduction to WarfareFour Generations of WarfareIntroduction to Global Information WarfareInformation Warfare Will Hit You in Your PocketbookBusiness Is WarIW Broadly Encompasses Many Levels and FunctionsWhat IW Is … and Is NotBeing Prepared-Bad Things Will HappenThe Possible Breakdowns in an Information EnvironmentGoing beyond Three Blind Men Describing an Elephant: Information Warfare Terms of ReferenceInformation Warfare Is a Powerful Approach for Attaining and Maintaining a Competitive AdvantageHow to Use IW to Achieve Goals and ObjectivesCoherent Knowledge-Based OperationsNetwork-Centric BusinessKnowledge ManagementSummaryNote
Chapter 14. The Cyber Security Officer and Privacy, Ethical, and Liability Issues
Introduction to Privacy IssuesIntroduction to Ethics IssuesCodes of EthicsCorporate Ethics, Standards of Conduct, Business Practices, and Corporate ValuesLiability IssuesQuestions to ConsiderSummary
Chapter 15. A Career as a Cyber Security Officer
IntroductionThe Cyber Security Officer’s Career Development ProgramEducationQuestionsSummary
Chapter 16. A Look at the Possible Future
Surviving into the FutureNew Old Approach to Security—Defensive ApproachThe Changing EnvironmentThe Need for Enlightened and Dedicated LeadershipGlobal TrendsOffensive–Defensive Cyber AttacksThe Future of the InternetQuestionsSummary
Index

Overview

The Information Systems Security Officer's Guide: Establishing and Managing a Cyber Security Program, Third Edition, provides users with information on how to combat the ever-changing myriad of threats security professionals face. This entirely updated edition presents practical advice on establishing, managing, and evaluating a successful information protection program in a corporation or government agency, covering everything from effective communication to career guidance for the information security officer.

The book outlines how to implement a new plan or evaluate an existing one, and is especially targeted to those who are new to the topic. It is the definitive resource for learning the key characteristics of an effective information systems security officer (ISSO), and paints a comprehensive portrait of an ISSO's duties, their challenges, and working environments, from handling new technologies and threats, to performing information security duties in a national security environment.

Provides updated chapters that reflect the latest technological changes and advances in countering the latest information security threats and risks and how they relate to corporate security and crime investigation
Includes new topics, such as forensics labs and information warfare, as well as how to liaison with attorneys, law enforcement, and other agencies others outside the organization
Written in an accessible, easy-to-read style

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Computer and Information Security Handbook, 3rd Edition

Publisher Resources

ISBN: 9780128023792

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills