Description
Summary
Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities.
Today, IT products and services face insidious threats from advanced malware that, if left unchecked, are designed to penetrate government, corporate, and infrastructure systems to gain control over those systems, rob unsuspecting victims, steal identities, damage reputations, hold us hostage, or worse.
Ensuring the security of these products and services is of the utmost importance for the success of an organization.
This book introduces the information security principles that organizations may leverage to understand the information security needs of their respective systems.
Table of Contents
- Introduction
- What's the Difference Between Information Security and Cybersecurity?
- Information â Data
- Target Audience
- The Cybersecurity Ecosystem
- Top 10 Data Breaches of the 21st Century
- Stuxnet
- Cyber-MAD
- Intrusions by Any Other Name
- Threats and Vulnerabilities
- Fraud and Theft
- Insider Threat
- Malicious Hackers and Their Motivations
- Non-Adversarial Threat Sources and Events
- The Role of Malicious Code in Cyberattacks
- Anatomy of a Cyberattack
- Battle Maneuvers
- Cornerstones of Information Security
- Information Security Supports the Mission of the Organization
- Information Security Is an Integral Element of Sound Management
- Information Security Protections Are Implemented So as To Be Commensurate with Risk
- Information Security Roles and Responsibilities Are Explicit
- Information Security Responsibilities for System Owners Go Beyond Their Own Organization
- Information Security Requires A Comprehensive and Integrated Approach
- Information Security Is Assessed and Monitored Regularly
- Information Security Is Constrained by Societal and Cultural Factors
- Information Security Policy
- Standards, Guidelines, and Procedures
- Program Policy
- Issue-Specific Policy
- System-Specific Policy
- Interdependencies
- Cost Considerations
- Risk Management
- Assurance
- System Support and Operations
- Security Control Families
- Making It Personal
- Have I Been Pwned?
- Is Your Password A Problem?
- The Shadowy Case of Lucas Casimir
- Use Antivirus Software and Keep It Updated
- OS Firewalls
- Use a VPN
- Use 2-Factor Authentication
- Education and Awareness