The Complete Guide to Cybersecurity Risks and Controls
1st Edition
Published on 29. August 2022
Book
Paperback/Softback
342 pages
978-1-032-40255-0 (ISBN)
Description
The Complete Guide to Cybersecurity Risks and Controls presents the fundamental concepts of information and communication technology (ICT) governance and control. In this book, you will learn how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data. The book explains how to establish systematic control functions and timely reporting procedures within a standard organizational framework and how to build auditable trust into the routine assurance of ICT operations.
The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls are critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats.
The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge process applies to all operational aspects of ICT responsibilities ranging from upper management policy making and planning, all the way down to basic technology operation.
The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls are critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats.
The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge process applies to all operational aspects of ICT responsibilities ranging from upper management policy making and planning, all the way down to basic technology operation.
More details
Series
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
Professional and scholarly
Academic and Professional Practice & Development
Product notice
Paperback (trade)
Unsewn / adhesive bound
Illustrations
70 s/w Abbildungen
70 Illustrations, black and white
Dimensions
Height: 231 mm
Width: 152 mm
Thickness: 15 mm
Weight
476 gr
ISBN-13
978-1-032-40255-0 (9781032402550)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Anne Kohnke | Dan Shoemaker | Ken E. Sigler
The Complete Guide to Cybersecurity Risks and Controls
Book
04/2016
1st Edition
Auerbach Publishers Inc.
€176.70
Shipment within 15-20 days
Anne Kohnke | Dan Shoemaker | Ken E. Sigler
The Complete Guide to Cybersecurity Risks and Controls
E-Book
03/2016
Auerbach Publishers Inc.
€62.99
Available for download
Anne Kohnke | Dan Shoemaker | Ken E. Sigler
The Complete Guide to Cybersecurity Risks and Controls
E-Book
03/2016
1st Edition
Auerbach
€63.49
Available for download
Persons
Anne Kohnke, PhD, is an assistant professor of IT at Lawrence Technological University and teaches courses in both the information technology and organization development/change management disciplines at the bachelor through doctorate levels. Anne started as an adjunct professor in 2002 and joined the faculty full time in 2011. Her IT career started in the mid-1980s on a help desk, and over the years, Anne developed technical proficiency as a database administrator, network engineer, systems analyst, and technical project manager. After a decade, Anne was promoted to management and worked as an IT director, vice president of IT and chief information security officer (CISO). Her research focuses on cybersecurity, risk management, IT governance, and security countermeasures. Anne earned her PhD from Benedictine University.
Daniel P. Shoemaker, PhD, is principal investigator and senior research scientist at the University of Detroit Mercy's Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Cybersecurity Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored more than one hundred journal publications. Dan earned his PhD from the University of Michigan.
Ken Sigler, MS, is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. His primary research is in the areas of software management, software assurance, and cloud computing. He developed the college's CIS program option entitled "Information Technologies for Homeland Security." Until 2007, Ken served as the liaison for the college to the International Cybersecurity Education Coalition (ICSEC), of which he is one of three founding members. Ken is a member of IEEE, the Distributed Management Task Force (DMTF), and the Association for Information Systems (AIS).
Daniel P. Shoemaker, PhD, is principal investigator and senior research scientist at the University of Detroit Mercy's Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Cybersecurity Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored more than one hundred journal publications. Dan earned his PhD from the University of Michigan.
Ken Sigler, MS, is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. His primary research is in the areas of software management, software assurance, and cloud computing. He developed the college's CIS program option entitled "Information Technologies for Homeland Security." Until 2007, Ken served as the liaison for the college to the International Cybersecurity Education Coalition (ICSEC), of which he is one of three founding members. Ken is a member of IEEE, the Distributed Management Task Force (DMTF), and the Association for Information Systems (AIS).
Content
Why Cybersecurity Management Is Important. Control-Based Information Governance, What It Is and How It Works. A Survey of Control Frameworks, General Structure, and Application. What Are Controls and Why Are They Important? Implementing a Multitiered Governance and Control Framework in a Business. Risk Management and Prioritization Using a Control Perspective. Control Formulation and Implementation Process. Security Control Validation and Verification. Control Framework Sustainment and Security of Operations.