Enterprise Information Security and Privacy

 
 
Artech House Publishers
  • 1st edition
  • published on 28 February 2009
  • 258 pages
 
E-book | PDF with Adobe DRM
978-1-59693-191-6 (ISBN)
 
Here's a unique and practical book that addresses the rapidly growing problem of information security, privacy, and secrecy threats and vulnerabilities. This authoritative resource helps you understand what really needs to be done to protect sensitive data and systems and how to comply with the burgeoning roster of data protection laws and regulations. The book examines the effectiveness and weaknesses of current approaches and guides you towards practical methods and doable processes that can bring about real improvement in the overall security environment. You gain insight into the latest security and privacy trends, learn how to determine and mitigate risks, and discover the specific dangers and responses regarding the most critical sectors of a modern economy.
  • English
  • Norwood
  • USA
  • Windows
978-1-59693-191-6 (9781596931916)

  • Enterprise Information Security and Privacy
  • Contents
  • Foreword
  • Preface
  • Acknowledgments
  • Part I: Trends
  • Chapter 1 Privacy Roles and Responsibilities
  • 1.1 Background
  • 1.2 Observations
  • 1.3 Recommendations
  • 1.3.1 Roles and Responsibilities of Information Security
  • 1.3.2 The Impact of Outsourcing: Privacy, Security, and Enforcing Controls
  • 1.3.3 Privacy and New Roles for Information Security
  • 1.4 Future Trends
  • Chapter 2 Data Protection
  • 2.1 Background
  • 2.2 Observations
  • 2.3 Recommendations
  • 2.3.1 Formalize a Trust Model
  • 2.3.2 Utilize an Integrated and Holistic Approach to Security and Governance
  • 2.3.3 Implement a Risk-Based Systemic Security Architecture
  • 2.3.4 Support an Adaptive Security Approach to Security
  • 2.3.5 Build Systems, Applications, Networks, Protocols, and Others Using Accepted Standards
  • 2.4 Future Trends
  • Chapter 3 IT Operational Pressures on Information Security
  • 3.1 Background
  • 3.1.1 IT Operations and IT Service Development Impede Information Security Goals
  • 3.1.2 Information Security Impedes IT Operations and IT Service Development Goals
  • 3.1.3 Information Security Using a Technology-Centric, Bottom-Up Risk Model
  • 3.2 Observations
  • 3.3 Recommendations
  • 3.3.1 Stabilize the Patient and Get Plugged into Production
  • 3.3.2 Find Business Risks, Identify Controls, and Fix Fragile Artifacts
  • 3.3.3 Implement Development and Release Controls
  • 3.3.4 Continually Improve
  • 3.4 Future Trends
  • Chapter 4 Information Classification
  • 4.1 Background
  • 4.2 Observations
  • 4.3 Recommendations
  • 4.4 Future Trends
  • Chapter 5 Human Factors
  • 5.1 Background
  • 5.1.1 Historical Perspective on Privacy
  • 5.1.2 Impact of Technology on Privacy
  • 5.1.3 Privacy in a Corporate Setting
  • 5.1.4 Evolution of Personal Information
  • 5.2 Observations
  • 5.2.1 Privacy Trade-offs - Human Behavioral Impact on Privacy
  • 5.2.2 What is Risk?
  • 5.3 Recommendations
  • 5.4 Future Trends
  • Acknowledgments
  • Part II: Risks
  • Chapter 6 Making the Case for Replacing Risk-Based Security
  • 6.1 Introduction
  • 6.1.1 Understanding Security Risk
  • 6.2 Why Risk Assessment and Risk Management Fail
  • 6.2.1 Misplaced Support for Risk-Based Security in Practice
  • 6.2.2 Alternatives to Security Risk Assessment
  • 6.3 Conclusion
  • Chapter 7 The Economics of Loss
  • 7.1 Security as the Prevention of Loss
  • 7.2 Quantifying the Risk of Loss
  • 7.3 Refining the Basic Risk Equation
  • 7.4 The Problem of Quantifying Loss Itself
  • 7.5 Confronting the Reality of Hypothetical Actions
  • 7.6 Overcoming the Fixation on Assets
  • 7.7 Overcoming the Fixation on Market Value
  • 7.8 Overcoming the Fixation on Productivity
  • 7.9 Overcoming the Neglect of Substitutes
  • 7.10 Taking Account of the Duration and Extent of the Effects
  • 7.11 Distinguishing Between the Different Business Categories of Attacks
  • 7.12 Putting the Proper Risk Estimates Back into the ROI Calculation
  • Chapter 8 Legal and Regulatory Obligations
  • 8.1 The Expanding Duty to Provide Security
  • 8.1.1 Where Does It Come From?
  • 8.1.2 What Is Covered?
  • 8.2 The Emergence of a Legal Standard for Compliance
  • 8.2.1 The Developing Legal Definition of "Reasonable Security"
  • 8.2.2 An Increasing Focus on Specific Data Elements and Controls
  • 8.3 The Imposition of a Duty to Warn of Security Breaches
  • 8.3.1 The Basic Obligation
  • 8.3.2 International Adoption
  • 8.4 Conclusion
  • Chapter 9 Telecommunications
  • 9.1 Security Issues in Mobile Telecommunications
  • 9.1.1 Pressure on the Perimeter Model
  • 9.1.2 Computer Security Threats for Portable Devices
  • 9.2 Security Issues in Global Telecommunications
  • 9.2.1 Global Cooperation on Cyber Attack
  • 9.2.2 Global Attention to Software Piracy
  • 9.3 Security Issues in Internet Protocol-Based Telecommunications
  • 9.3.1 Reduced Technological Diversity
  • 9.3.2 Increased Reliance on Shared, Decentralized Internet-Based Systems
  • 9.4 Security Issues in Bandwidth-Increasing Telecommunications
  • 9.4.1 Residential Users Have Greater Security Responsibility
  • 9.4.2 Botnets Become a Huge Threat to the Global Economy
  • References
  • Part III: Experience
  • Chapter 10 Financial Services
  • 10.1 Laws, Regulations, and Supervisory Requirements
  • 10.1.1 Gramm-Leach-Bliley Act of 1999
  • 10.1.2 The Sarbanes-Oxley Act of 2002
  • 10.1.3 The Fair and Accurate Credit Transactions Act of 2003
  • 10.1.4 Breach Notification Requirements
  • 10.1.5 Supervisory Guidance
  • 10.2 Future Focus
  • 10.2.1 Identity Theft Prevention
  • 10.2.2 Outsourcing and Offshoring
  • 10.2.3 Cross-Border Data Flows
  • 10.2.4 Encryption
  • 10.2.5 Online Behavioral Advertising
  • 10.2.6 Internet Governance
  • 10.2.7 Wireless Security
  • 10.2.8 Capital Requirements for Operational Risk
  • 10.2.9 Security of Web-Based Business Applications
  • 10.2.10 Other Future Focuses in Financial Sector Security
  • 10.3 Compliance Challenges
  • Chapter 11 Energy
  • 11.1 Overview of Sector
  • 11.2 Risks Related to Security and Privacy
  • 11.3 How Risks Are Addressed
  • 11.4 Documentation and Its Relation to Information Security
  • 11.5 Conclusion
  • Acknowledgments
  • Selected Bibliography
  • Chapter 12 Transportation Security
  • 12.1 Overview
  • 12.2 Technology's Role in Transportation Security
  • 12.3 Security in Transit
  • 12.4 Best Practices Applied
  • Chapter 13 Academia
  • 13.1 Overview
  • 13.1.1 Age and Demographics
  • 13.1.2 You Cannot Fire Me
  • 13.1.3 Hard to Educate Users
  • 13.1.4 Lax Controls
  • 13.1.5 How Everything Is Connected
  • 13.2 Case Studies
  • 13.2.1 Case Study: Social Networking and Crimeware
  • 13.2.2 Case Study: Social Phishing
  • 13.2.3 Case Study: Infected Access Points
  • 13.3 Protection
  • References
  • Appendix A Key Information Security Law References
  • A.1 Federal Statutes
  • A.2 State Statutes
  • A.3 Federal Regulations
  • A.4 State Regulations
  • A.5 Court Decisions
  • A.6 FTC Decisions and Consent Decrees
  • A.7 State Attorneys General Consent Decrees
  • A.8 European Union - Directives
  • A.9 European Union - Security Provisions in Country Implementations of Data Protection Directive
  • A.10 Other Countries
  • About the Authors
  • Index

File format: PDF
Copy protection: Adobe DRM (Digital Rights Management)
