東華大學圖書館 |

Information security planning = a practical approach /

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Information security planning/ by Susan Lincke.
其他題名:	a practical approach /
作者:	Lincke, Susan.
出版者:	Cham :Springer International Publishing : : 2024.,
面頁冊數:	xxi, 445 p. :ill. (some col.), digital ;24 cm.
內容註:	Part. I. The Problem of Security -- Chapter. 1. Security Awareness: Brave New World -- Chapter. 2. Combatting Fraud -- Chapter. 3. Complying with the PCI DSS Standard -- Part. II. Strategic Security Planning -- Chapter. 4. Managing Risk -- Chapter. 5. Addressing Business Impact Analysis and Business Continuity -- Chapter. 6. Governing: Policy, Maturity Models and Planning -- Part. III. Tactical Security Planning -- Chapter. 7. Designing Information Security -- Chapter. 8. Planning for Network Security -- Chapter. 9. Designing Physical Security -- Chapter. 10. Attending to Information Privacy -- Chapter. 11. Planning for Alternative Networks: Cloud Security and Zero Trust -- Chapter. 12. Organizing Personnel Security -- Part. IV. Planning for Detect, Respond, Recover -- Chapter. 13. Planning for Incident Response -- Chapter. 14. Defining Security Metrics -- Chapter. 15. Performing an Audit or Security Test -- Chapter. 16. Preparing for Forensic Analysis -- Part. V. Complying with National Regulations and Ethics -- Chapter. 17. Complying with the European Union General Data Protection Regulation (GDPR) -- Chapter. 18. Complying with U.S. Security Regulations -- Chapter. 19. Complying with HIPAA and HITECH -- Chapter. 20. Maturing Ethical Risk -- Part. VI. Developing Secure Software -- Chapter. 21. Understanding Software Threats and Vulnerabilities -- Chapter. 22. Defining a Secure Software Process -- Chapter. 23. Planning for Secure Software Requirements and Design with UML.
Contained By:	Springer Nature eBook
標題:	Computer security. -
電子資源:	https://doi.org/10.1007/978-3-031-43118-0
ISBN:	9783031431180

Information security planning = a practical approach /
Lincke, Susan.

Information security planninga practical approach /[electronic resource] :by Susan Lincke. - Second edition. - Cham :Springer International Publishing :2024. - xxi, 445 p. :ill. (some col.), digital ;24 cm.

Part. I. The Problem of Security -- Chapter. 1. Security Awareness: Brave New World -- Chapter. 2. Combatting Fraud -- Chapter. 3. Complying with the PCI DSS Standard -- Part. II. Strategic Security Planning -- Chapter. 4. Managing Risk -- Chapter. 5. Addressing Business Impact Analysis and Business Continuity -- Chapter. 6. Governing: Policy, Maturity Models and Planning -- Part. III. Tactical Security Planning -- Chapter. 7. Designing Information Security -- Chapter. 8. Planning for Network Security -- Chapter. 9. Designing Physical Security -- Chapter. 10. Attending to Information Privacy -- Chapter. 11. Planning for Alternative Networks: Cloud Security and Zero Trust -- Chapter. 12. Organizing Personnel Security -- Part. IV. Planning for Detect, Respond, Recover -- Chapter. 13. Planning for Incident Response -- Chapter. 14. Defining Security Metrics -- Chapter. 15. Performing an Audit or Security Test -- Chapter. 16. Preparing for Forensic Analysis -- Part. V. Complying with National Regulations and Ethics -- Chapter. 17. Complying with the European Union General Data Protection Regulation (GDPR) -- Chapter. 18. Complying with U.S. Security Regulations -- Chapter. 19. Complying with HIPAA and HITECH -- Chapter. 20. Maturing Ethical Risk -- Part. VI. Developing Secure Software -- Chapter. 21. Understanding Software Threats and Vulnerabilities -- Chapter. 22. Defining a Secure Software Process -- Chapter. 23. Planning for Secure Software Requirements and Design with UML.

This book demonstrates how information security requires a deep understanding of an organization's assets, threats and processes, combined with the technology that can best protect organizational security. It provides step-by-step guidance on how to analyze business processes from a security perspective, while also introducing security concepts and techniques to develop the requirements and design for security technologies. This interdisciplinary book is intended for business and technology audiences, at student or experienced levels. Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation and security standards. This international edition covers Payment Card Industry Data Security Standard (PCI DSS), American security regulation, and European GDPR. Developing a risk profile helps to estimate the potential costs that an organization may be prone to, including how much should be spent on security controls. Security planning then includes designing information security, as well as network and physical security, incident response and metrics. Business continuity considers how a business may respond to the loss of IT service. Optional areas that may be applicable include data privacy, cloud security, zero trust, secure software requirements and lifecycle, governance, introductory forensics, and ethics. This book targets professionals in business, IT, security, software development or risk. This text enables computer science, information technology, or business students to implement a case study for an industry of their choosing.

ISBN: 9783031431180

Standard No.: 10.1007/978-3-031-43118-0doiSubjects--Topical Terms:

540555
Computer security.

LC Class. No.: QA76.9.A25

Dewey Class. No.: 005.8

Information security planning = a practical approach /
LDR:04225nmm a2200337 a 4500 001 2368553
003 DE-He213
005 20240116205407.0
006 m d
007 cr nn 008maaau
008 241127s2024 sz s 0 eng d
020 $a 9783031431180 $q (electronic bk.)
020 $a 9783031431173 $q (paper)
024 7 $a 10.1007/978-3-031-43118-0 $2 doi
035 $a 978-3-031-43118-0
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.9.A25
072 7 $a UR $2 bicssc
072 7 $a COM053000 $2 bisacsh
072 7 $a UR $2 thema
082 0 4 $a 005.8 $2 23
090 $a QA76.9.A25 $b L736 2024
100 1 $a Lincke, Susan. $3 2156372
245 1 0 $a Information security planning $h [electronic resource] : $b a practical approach / $c by Susan Lincke.
250 $a Second edition.
260 $a Cham : $b Springer International Publishing : $b Imprint: Springer, $c 2024.
300 $a xxi, 445 p. : $b ill. (some col.), digital ; $c 24 cm.
505 0 $a Part. I. The Problem of Security -- Chapter. 1. Security Awareness: Brave New World -- Chapter. 2. Combatting Fraud -- Chapter. 3. Complying with the PCI DSS Standard -- Part. II. Strategic Security Planning -- Chapter. 4. Managing Risk -- Chapter. 5. Addressing Business Impact Analysis and Business Continuity -- Chapter. 6. Governing: Policy, Maturity Models and Planning -- Part. III. Tactical Security Planning -- Chapter. 7. Designing Information Security -- Chapter. 8. Planning for Network Security -- Chapter. 9. Designing Physical Security -- Chapter. 10. Attending to Information Privacy -- Chapter. 11. Planning for Alternative Networks: Cloud Security and Zero Trust -- Chapter. 12. Organizing Personnel Security -- Part. IV. Planning for Detect, Respond, Recover -- Chapter. 13. Planning for Incident Response -- Chapter. 14. Defining Security Metrics -- Chapter. 15. Performing an Audit or Security Test -- Chapter. 16. Preparing for Forensic Analysis -- Part. V. Complying with National Regulations and Ethics -- Chapter. 17. Complying with the European Union General Data Protection Regulation (GDPR) -- Chapter. 18. Complying with U.S. Security Regulations -- Chapter. 19. Complying with HIPAA and HITECH -- Chapter. 20. Maturing Ethical Risk -- Part. VI. Developing Secure Software -- Chapter. 21. Understanding Software Threats and Vulnerabilities -- Chapter. 22. Defining a Secure Software Process -- Chapter. 23. Planning for Secure Software Requirements and Design with UML.
520 $a This book demonstrates how information security requires a deep understanding of an organization's assets, threats and processes, combined with the technology that can best protect organizational security. It provides step-by-step guidance on how to analyze business processes from a security perspective, while also introducing security concepts and techniques to develop the requirements and design for security technologies. This interdisciplinary book is intended for business and technology audiences, at student or experienced levels. Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation and security standards. This international edition covers Payment Card Industry Data Security Standard (PCI DSS), American security regulation, and European GDPR. Developing a risk profile helps to estimate the potential costs that an organization may be prone to, including how much should be spent on security controls. Security planning then includes designing information security, as well as network and physical security, incident response and metrics. Business continuity considers how a business may respond to the loss of IT service. Optional areas that may be applicable include data privacy, cloud security, zero trust, secure software requirements and lifecycle, governance, introductory forensics, and ethics. This book targets professionals in business, IT, security, software development or risk. This text enables computer science, information technology, or business students to implement a case study for an industry of their choosing.
650 0 $a Computer security. $3 540555
650 0 $a Computer networks $x Security measures. $3 579161
650 0 $a Data protection. $3 590548
650 1 4 $a Principles and Models of Security. $3 3382356
650 2 4 $a Data and Information Security. $3 3538510
650 2 4 $a Privacy. $3 528582
650 2 4 $a Business Information Systems. $3 892640
650 2 4 $a Legal Aspects of Computing. $3 892641
710 2 $a SpringerLink (Online service) $3 836513
773 0 $t Springer Nature eBook
856 4 0 $u https://doi.org/10.1007/978-3-031-43118-0
950 $a Computer Science (SpringerNature-11645)