TY - BOOK AU - Mooney,Tom TI - Information Security a Practical Guide: Bridging the Gap Between IT and Management SN - 9781849287425 AV - QA76.9.A25 .M666 2015 U1 - 658.478 PY - 2015/// CY - Ely PB - IT Governance Ltd KW - Computer security-Management KW - Information technology-Management KW - Electronic books N1 - Cover -- Title -- Copyright -- Contents -- Introduction -- Chapter 1: Day One as a Security Professional -- Chapter Overview -- Objectives -- Your First Day -- Confidentiality, Integrity and Availability (CIA) -- Getting to Know the Business -- Key IT Personnel -- What is the Security Culture? -- Identifying the Gaps in Security -- Chapter 2: Business Impact of Breaches -- Chapter Overview -- Objectives -- How to Assess the Impact -- Data Types -- Impacts -- Reputational Damage -- Personal Impact -- Contractual Impact -- Financial Impact -- Legal Impacts -- Chapter 3: Business Risk Appetite -- Chapter Overview -- Objectives -- Risk Appetite -- Risk Treatments -- Chapter 4: Threats -- Chapter Overview -- Objectives -- Types of Threats -- Hackers -- Malware Writers -- Script Kiddies -- Journalists -- Criminals -- Physical Intruder -- Researchers -- Hacktivists -- Disgruntled Employees -- Chapter 5: Quick and Dirty Risk Assessment -- Chapter Overview -- Objectives -- Identifying Risks -- Defining the Risk Level -- Risk Table -- Realigning the Risk Level -- Chapter 6: Getting Buy-in From Your Peers -- Chapter Overview -- Objectives -- Points of Contact with your Peers -- How to Engage with your Peers -- Chapter 7: Documenting the System For Everyone -- Chapter Overview -- Objectives -- Setting the Scene -- Entities -- Service Overview -- Adding Boundaries -- Showing Information Flow -- Adding the Threats -- Chapter 8: Mapping Data in the System -- Chapter Overview -- Objectives -- Mapping Data -- Chapter 9: Penetration Testing -- Chapter Overview -- Objectives -- Types of Penetration Test -- Scoping the test -- Trusting the Testers -- Implementing Fixes -- Chapter 10: Information Security Policy -- Chapter Overview -- Objectives -- The Advantages of Security Policies -- Giving Your Policies Teeth -- Key Security Policies; Ways of Ensuring Your Policy is Read -- ITG Resources N2 - Provides an overview of basic information security practices that will enable your security team to better engage with their peers to address the threats facing the organisation as a whole UR - https://ebookcentral.proquest.com/lib/orpp/detail.action?docID=2048580 ER -