• Clearly explains all facets of InfoSec program and policy planning, development, deployment, and management.
• Thoroughly updated for today’s challenges, laws, regulations, and best practices.
• The perfect resource for anyone pursuing an information security management career
In today’s dangerous world, failures in information security can be catastrophic. Organizations must protect themselves. Protection begins with comprehensive, realistic policies. This up-to-date guide will help you create, deploy, and manage them.
Complete and easy to understand, it explains key concepts and techniques through real-life examples. You’ll master modern information security regulations and frameworks, and learn specific best-practice policies for key industry sectors, including finance, healthcare, online commerce, and small business.
If you understand basic information security, you’re ready to succeed with this book. You’ll find projects, questions, exercises, examples, links to valuable easy-to-adapt information security policies…everything you need to implement a successful information security program.
Publisher: Pearson IT Certification
· Establish program objectives, elements, domains, and governance
· Understand policies, standards, procedures, guidelines, and plans—and the differences among them
· Write policies in “plain language,” with the right level of detail
· Apply the Confidentiality, Integrity & Availability (CIA) security model
· Use NIST resources and ISO/IEC 27000-series standards
· Align security with business strategy
· Define, inventory, and classify your information and systems
· Systematically identify, prioritize, and manage InfoSec risks
· Reduce “people-related” risks with role-based Security Education, Awareness, and Training (SETA)
· Implement effective physical, environmental, communications, and operational security
· Effectively manage access control
· Respond to incidents and ensure continuity of operations
· Comply with laws and regulations, including GLBA, HIPAA/HITECH, FISMA, state data security and notification rules, and PCI DSS
Available in hard copy and e-Book (EPUB, MOBI, PDF) formats.
and get instant access to more than 40,000 books and videos from over 200 publisher.
5 Stars! Written in plain English, this book has almost anything an aspiring information security manager needs to know. Should be required reading for 101 level college classes.
5 Stars! Got the book for school. Awesome read.
Four Stars! Good overview of security policy.
Five Stars! Material is relevant for security professionals.
Five Stars! I suggest you grab a copy if you plan on moving up in the world of cyber security. A good portion of Security Program and Policies is equivalent to a masters degree. If you plan on pursuing a higher level of education in Information Security, you will need this book, too. I wish I had it back then.
Four Stars! Good book for understanding security policies.