Название: Effective Cybersecurity: A Guide to Using Best Practices and Standards
Автор: William Stallings
Издательство: Addison-Wesley Professional
ISBN: 0134772806
Год: 2019
Страниц: 800
Язык: английский
Формат: epub
Размер: 10.17 MB

The Practical, Comprehensive Guide to Applying Cybersecurity Best Practices and Standards in Real Environments

In Effective Cybersecurity, William Stallings introduces the technology, operational procedures, and management practices needed for successful cybersecurity. Stallings makes extensive use of standards and best practices documents that are often used to guide or mandate cybersecurity implementation. Going beyond these, he offers in-depth tutorials on the “how” of implementation, integrated into a unified framework and realistic plan of action.

Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings offers many pedagogical features designed to help readers master the material: clear learning objectives, keyword lists, review questions, and QR codes linking to relevant standards documents and web resources.

Effective Cybersecurity aligns with the comprehensive Information Security Forum document “The Standard of Good Practice for Information Security,” extending ISF’s work with extensive insights from ISO, NIST, COBIT, other official standards and guidelines, and modern professional, academic, and industry literature.

• Understand the cybersecurity discipline and the role of standards and best practices
• Define security governance, assess risks, and manage strategy and tactics
• Safeguard information and privacy, and ensure GDPR compliance
• Harden systems across the system development life cycle (SDLC)
• Protect servers, virtualized systems, and storage
• Secure networks and electronic communications, from email to VoIP
• Apply the most appropriate methods for user authentication
• Mitigate security risks in supply chains and cloud environments

This knowledge is indispensable to every cybersecurity professional. Stallings presents it systematically and coherently, making it practical and actionable.

Contents:

Preface
CHAPTER 1 Best Practices, Standards, and a Plan of Action
PART I PLANNING FOR CYBERSECURITY
CHAPTER 2 Security Governance
CHAPTER 3 Information Risk Assessment
CHAPTER 4 Security Management
PART II MANAGING THE CYBERSECURITY FUNCTION
CHAPTER 5 People Management
CHAPTER 6 Information Management
CHAPTER 7 Physical Asset Management
CHAPTER 8 System Development
CHAPTER 9 Business Application Management
CHAPTER 10 System Access
CHAPTER 11 System Management
CHAPTER 12 Networks and Communications
CHAPTER 13 Supply Chain Management and Cloud Security
CHAPTER 14 Technical Security Management
CHAPTER 15 Threat and Incident Management
CHAPTER 16 Local Environment Management
CHAPTER 17 Business Continuity
PART III SECURITY ASSESSMENT
CHAPTER 18 Security Monitoring and Improvement
Appendix A: References and Standards
Appendix B: Glossary
Index