Information Security Fundamentals
2nd Edition
Published on 16. October 2013
Book
Paperback/Softback
438 pages
978-1-4398-1062-0 (ISBN)
Description
Developing an information security program that adheres to the principle of security as a business enabler must be the first step in an enterprise's effort to build an effective security program. Following in the footsteps of its bestselling predecessor, Information Security Fundamentals, Second Edition provides information security professionals with a clear understanding of the fundamentals of security required to address the range of issues they will experience in the field.
The book examines the elements of computer security, employee roles and responsibilities, and common threats. It discusses the legal requirements that impact security policies, including Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act. Detailing physical security requirements and controls, this updated edition offers a sample physical security policy and includes a complete list of tasks and objectives that make up an effective information protection program.
Includes ten new chapters
Broadens its coverage of regulations to include FISMA, PCI compliance, and foreign requirements
Expands its coverage of compliance and governance issues
Adds discussions of ISO 27001, ITIL, COSO, COBIT, and other frameworks
Presents new information on mobile security issues
Reorganizes the contents around ISO 27002
The book discusses organization-wide policies, their documentation, and legal and business requirements. It explains policy format with a focus on global, topic-specific, and application-specific policies. Following a review of asset classification, it explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management.
The text concludes by describing business continuity planning, preventive controls, recovery strategies, and how to conduct a business impact analysis. Each chapter in the book has been written by a different expert to ensure you gain the comprehensive understanding of what it takes to develop an effective information security program.
The book examines the elements of computer security, employee roles and responsibilities, and common threats. It discusses the legal requirements that impact security policies, including Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act. Detailing physical security requirements and controls, this updated edition offers a sample physical security policy and includes a complete list of tasks and objectives that make up an effective information protection program.
Includes ten new chapters
Broadens its coverage of regulations to include FISMA, PCI compliance, and foreign requirements
Expands its coverage of compliance and governance issues
Adds discussions of ISO 27001, ITIL, COSO, COBIT, and other frameworks
Presents new information on mobile security issues
Reorganizes the contents around ISO 27002
The book discusses organization-wide policies, their documentation, and legal and business requirements. It explains policy format with a focus on global, topic-specific, and application-specific policies. Following a review of asset classification, it explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management.
The text concludes by describing business continuity planning, preventive controls, recovery strategies, and how to conduct a business impact analysis. Each chapter in the book has been written by a different expert to ensure you gain the comprehensive understanding of what it takes to develop an effective information security program.
More details
Edition
2nd edition
Language
English
Place of publication
Washington
United States
Target group
College/higher education
Professional and scholarly
Professional Practice & Development
Product notice
Paperback (trade)
Unsewn / adhesive bound
Illustrations
103 s/w Abbildungen, 13 s/w Tabellen
13 Tables, black and white; 103 Illustrations, black and white
Dimensions
Height: 234 mm
Width: 152 mm
Thickness: 23 mm
Weight
612 gr
ISBN-13
978-1-4398-1062-0 (9781439810620)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Thomas R. Peltier
Information Security Fundamentals
Book
07/2017
2nd Edition
CRC Press
€252.40
Shipment within 10-20 days
Thomas R. Peltier
Information Security Fundamentals
E-Book
10/2013
2nd Edition
Auerbach
€86.99
Available for download
Thomas R. Peltier
Information Security Fundamentals
E-Book
10/2013
2nd Edition
Auerbach
€86.99
Available for download
Previous edition
John A. Blackley | Thomas R. Peltier | Justin Peltier
Information Security Fundamentals
Book
10/2004
1st Edition
Auerbach
€64.36
Article exhausted; check for reprint
Person
Thomas R. Peltier
Content
Developing Policies. Organization of Information Security. Cryptology. Risk Management. Building and Maintaining an Effective Security Awareness Program. Physical Security. Disaster Recovery and Business Continuity Planning;. Continuity of Operations Planning. Access Controls. Information System Development, Acquisition, and Maintenance. Information Security Incident Management. Asset Classification. Threats to Information Security. Information Security Policies: A Practitioner's View. Glossary. Appendices: Facilitated Risk Analysis and Assessment Process. Business Impact Analysis.