Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Information Security Handbook
  • Toc
  • feedback
Information Security Handbook

Information Security Handbook

By : Darren Death
5 (5)
close
Information Security Handbook

Information Security Handbook

5 (5)
By: Darren Death

Overview of this book

Information Security Handbook is a practical guide that’ll empower you to take effective actions in securing your organization’s assets. Whether you are an experienced security professional seeking to refine your skills or someone new to the field looking to build a strong foundation, this book is designed to meet you where you are and guide you toward improving your understanding of information security. Each chapter addresses the key concepts, practical techniques, and best practices to establish a robust and effective information security program. You’ll be offered a holistic perspective on securing information, including risk management, incident response, cloud security, and supply chain considerations. This book has distilled years of experience and expertise of the author, Darren Death, into clear insights that can be applied directly to your organization’s security efforts. Whether you work in a large enterprise, a government agency, or a small business, the principles and strategies presented in this book are adaptable and scalable to suit your specific needs. By the end of this book, you’ll have all the tools and guidance needed to fortify your organization’s defenses and expand your capabilities as an information security practitioner.
Table of Contents (16 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Reviews
Share Your Thoughts
Download a free PDF copy of this book
1
Chapter 1: Information and Data Security Fundamentals
Chapter 1: Information and Data Security Fundamentals
Introduction
Information security challenges
Evolution of cybercrime
The modern role of information security
Information assurance
The CIA triad
Risk management
Summary
Free Chapter
2
Chapter 2: Defining the Threat Landscape
chevron up
Chapter 2: Defining the Threat Landscape
Understanding the organizational context
Threats
Hackers and hacking
Closing information system vulnerabilities
Summary
3
Chapter 3: Laying a Foundation for Information and Data Security
Chapter 3: Laying a Foundation for Information and Data Security
Developing a comprehensive information security program
Leveraging existing frameworks instead of building from scratch
Essential factors for information security program success
Information security policies
Summary
4
Chapter 4: Information Security Risk Management
Chapter 4: Information Security Risk Management
What is information security risk?
Understanding the ownership and management of information security risk
Identifying and protecting your organization’s 
valuable data
Conducting a quick risk assessment
Risk management is an organizational-wide activity
The life cycle of risk management in information security
Information classification and its importance in information security
Steps in the data classification process
Establishing impact
Security control selection
Calculating risk – a comprehensive look at qualitative and quantitative risk assessments
Identifying threats and choosing the right approach
Exploring management approaches to risk
Summary
5
Chapter 5: Developing Your Information and Data Security Plan
Chapter 5: Developing Your Information and Data Security Plan
Determining your information security program objectives
Foundational information security activities to consider
Successful information security program elements
Rightsizing your information security program
Principles to guarantee the success of your information security program
Information security program plan elements
Summary
6
Chapter 6: Continuous Testing and Monitoring
Chapter 6: Continuous Testing and Monitoring
Types of technical testing
SDLC considerations for testing
SDLC summary
Continuous monitoring
Vulnerability assessment
Penetration testing
Difference between vulnerability assessments and penetration testing
Summary
7
Chapter 7: Business Continuity/Disaster Recovery Planning
Chapter 7: Business Continuity/Disaster Recovery Planning
Introduction to BCDR
Designing a BCDR plan
Defining technical DR mechanisms
Developing your plan
Testing the BCDR plan
Summary
8
Chapter 8: Incident Response Planning
Chapter 8: Incident Response Planning
What is an IRP?
Preparation of an IRP
Identification – detection and analysis
Identification – incident response tools
Remediation – containment/recovery/mitigation
Remediation – incident response tools
Post-incident activity
Summary
9
Chapter 9: Developing a Security Operations Center
Chapter 9: Developing a Security Operations Center
What is a SOC?
Management of SOC tools
SOC toolset design
SOC roles
Processes and procedures
SOC tools
Summary
10
Chapter 10: Developing an Information Security Architecture Program
Chapter 10: Developing an Information Security Architecture Program
What is information security architecture?
Information security architecture and SDLC/SELC
Conducting an initial information security analysis
Developing a security architecture advisement program
Information security architecture process
Summary
11
Chapter 11: Cloud Security Considerations
Chapter 11: Cloud Security Considerations
Importance of cloud computing
Cloud computing service models
Cloud computing deployment models
Cloud computing management models
Special considerations for cloud computing
Summary
12
Chapter 12: Zero Trust Architecture in Information Security
Chapter 12: Zero Trust Architecture in Information Security
Zero Trust and its principles
The history of Zero Trust
Importance of Zero Trust in cybersecurity
Shifting from traditional perimeter-based security
The pillars of Zero Trust
Summary
13
Chapter 13: Third-Party and Supply Chain Security
Chapter 13: Third-Party and Supply Chain Security
Understanding C-SCRM and its importance
The challenges in managing supply chain cybersecurity risks
The risks associated with supply chains
The consequences of supply chain risks
Methods to identify supply chain risks
Assessing the severity and likelihood of C-SCRM risks
Strategies to mitigate supply chain risks
Integrating C-SCRM into security program and business activities
Monitoring and reviewing C-SCRM practices
Summary
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Closing information system vulnerabilities

A vulnerability refers to a weakness in a piece of technology, such as a workstation, server, router, software, cloud, or process, that undermines the system’s ability to provide adequate security assurance that the threat actors will use that have been previously discussed. Three aspects must be considered to assess a vulnerability properly:

  1. First, the information system’s susceptibility to a particular flaw must be determined. This review involves ascertaining whether the specific version of the technology or software in question meets the criteria for the vulnerability to exist.
  2. Next, it must be determined whether an attacker can access the information system to exploit the flaw. Depending on the technology and location, an attacker may not have immediate access to the system. This information helps prioritize vulnerabilities as it relates to enterprise vulnerability management.
  3. Finally, whether sufficient means exist to exploit the flaw must be determined. If an active exploit exists in the wild for a given vulnerability, it should be considered a high-priority vulnerability to be addressed immediately.

After carefully reviewing the characteristics of vulnerabilities related to a specific information system, an information security professional can determine the attack surface for a given vulnerability and prioritize how the enterprise should mitigate the vulnerability. Hundreds of vulnerabilities may exist in an information system at any time. Therefore, the information security professional must be able to prioritize critical vulnerabilities that must be addressed immediately, while other vulnerabilities can be managed more methodically and reasonably over time. The following table provides more details related to this concept.

Example Triage Chart for Vulnerabilities

All Hands on Deck

Planned Methodical Deployment
  • Vulnerability can be executed over the network
  • Information system is exposed to the internet
  • An information system is not patched correctly and is running an old version of server software or operating system software
  • Vulnerability requires physical access to be exploited
  • The information system is well protected within the network
  • The server is maintained and adequately patched

Table 2.1

Vulnerability management

It is essential to understand that many situations that require an all hands on deck response in information security are often a result of poor management of the enterprise information system. If an organization’s information system is not regularly patched, it can create serious vulnerabilities that must be addressed immediately. Vulnerability management is identifying and addressing vulnerabilities within an organization’s information system. The process involves several steps:

  1. Firstly, the organization must identify vulnerabilities in its specific information system. This identification can be made through enterprise vulnerability management tools, such as Nessus, as well as staying up to date with information security blogs and subscribing to security sites for the vendors they use.
  2. Secondly, the organization must triage the vulnerabilities and determine the level of risk they pose to the organization. The information security professional must communicate this risk effectively and determine whether an all hands on deck or a planned approach to a vulnerability is needed.
  3. Thirdly, the organization must research, plan, and deploy the appropriate mitigations for applicable vulnerabilities. There may be multiple tasks involved in vulnerability mitigation. The information security professional must fully understand these steps, communicate them to stakeholders, and adequately deploy the appropriate countermeasures to mitigate the vulnerability.
  4. Finally, the organization must continuously monitor the information system to ensure that vulnerabilities have been fully mitigated. Utilizing a vulnerability assessment tool during the vulnerability mitigation process will allow the organization to continuously assess its information system, track progress, and understand when they have successfully met its goal.
End of Section 5
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete