
Information Security Management, Second Edition arms students with answers to the most critical questions about the field of cybersecurity and provides references for more in-depth study in areas where they may need to specialize. The Second Edition covers operations (the day-to-day cybersecurity tasks), regulations, compliance, laws and policies, research and development, and the creation of software and cyber defenses for security initiatives. Finally, the text covers the advanced R&D involved in the strategic aspects of security development for threats that lie on the horizon.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication Page
  5. Contents
  6. Preface
  7. Acknowledgments
  8. About the Author
  9. CHAPTER 1 Introduction to Information and Cybersecurity
    1. 1.1 Introduction to Information and Cybersecurity
    2. 1.2 The Study of Information and Cybersecurity
    3. 1.2.1 Concentrating on the Discipline
    4. 1.2.2 Research and Practice in Cybersecurity
    5. 1.3 Information and Cybersecurity
    6. 1.3.1 Technology and Humans-in-the-Loop
    7. 1.3.2 Information and Cybersecurity Basic Concepts
    8. 1.4 Information and Cybersecurity Topics
    9. 1.4.1 Key Information and Cybersecurity Concepts
    10. CHAPTER SUMMARY
    11. IMPORTANT TERMS
    12. THINK ABOUT IT
    13. REFERENCES
  10. CHAPTER 2 Information Security Departments and Roles
    1. 2.1 Software Engineering and Development
    2. 2.1.1 DevOps and Software Development Life Cycle
    3. 2.1.2 DevSecOps
    4. 2.1.3 Information Security Management Life Cycle
    5. 2.1.4 The SDLC and Information Security
    6. 2.1.5 Planning: Failures Are a Rule, Not an Exception
    7. 2.2 Life-Cycle Processes
    8. 2.2.1 Life-Cycle Planning Stages
    9. 2.2.2 Life-Cycle Design and Implementation Stages
    10. 2.3 Operations
    11. 2.3.1 NOC/TOC
    12. 2.3.2 Monitoring Infrastructure with IDS
    13. 2.3.3 Maintaining Operational Capabilities
    14. 2.4 Compliance/Governance
    15. 2.4.1 Compliance and Professional Cybersecurity Training
    16. 2.4.2 Compliance and Behavioral Governance
    17. 2.4.3 Compliance Auditing of Systems and Networks
    18. 2.4.4 Compliance and Data Centers
    19. 2.5 Cybersecurity Incidents
    20. 2.5.1 Handling Inevitable Incidents
    21. 2.5.2 Reporting Security Incidents
    22. 2.5.3 Collecting and Preserving Evidence
    23. 2.5.4 Cyberstalking and Harassment Incidents
    24. CHAPTER SUMMARY
    25. IMPORTANT TERMS
    26. THINK ABOUT IT
    27. REFERENCES
  11. CHAPTER 3 Actors and Practices
    1. 3.1 Getting to Know Your Adversary
    2. 3.1.1 The Insider Threat
    3. 3.1.2 Hacktivist
    4. 3.1.3 State-Sponsored Actor
    5. 3.2 Attack Surface
    6. 3.2.1 Network Security Zones
    7. 3.2.2 Zero Trust Networks
    8. 3.3 Some Cybersecurity Attacks and Countermeasures
    9. 3.3.1 DDoS (Distributed Denial of Service)
    10. 3.3.2 Phishing, Vishing, and Smishing
    11. 3.3.3 Cryptojacking
    12. 3.3.4 Ransomware
    13. 3.3.5 Backdoors
    14. 3.4 Some Specific Attack Scenarios
    15. 3.4.1 ICMP Tunnel Attacks
    16. 3.4.2 ICMP Permutation Attacks
    17. 3.4.3 Network Packet, Frame, or Octet Attacks
    18. 3.4.4 DNS Hijacking
    19. CHAPTER SUMMARY
    20. IMPORTANT TERMS
    21. THINK ABOUT IT
    22. REFERENCES
  12. CHAPTER 4 Corporations: Laws, Regulations, and Policies
    1. 4.1 Business Law and Regulations
    2. 4.1.1 Accountability, Responsibility, and Law
    3. 4.1.2 Intellectual Property
    4. 4.2 Organizational Power Structures
    5. 4.2.1 The Management Discipline
    6. 4.2.2 Management Initiatives and Security
    7. 4.2.3 Information Security Management
    8. 4.2.4 Organizational Structure, Principals, and Agency
    9. 4.2.5 Delegation of Responsibilities and Power
    10. 4.2.6 Fiduciary Responsibilities
    11. 4.2.7 Ethics and Ethical Behavior
    12. 4.3 Law and Enforceable Security Policies
    13. 4.3.1 Enforced and Enforceable Security Policies
    14. 4.3.2 Policies and Controls
    15. CHAPTER SUMMARY
    16. IMPORTANT TERMS
    17. THINK ABOUT IT
    18. REFERENCES
  13. CHAPTER 5 Information Security Management
    1. 5.1 Managing Information Security
    2. 5.1.1 ISML and Strategy
    3. 5.1.2 ISML and Governance Frameworks
    4. 5.2 Technology Management and Governance
    5. 5.2.1 Governance and Security Programs
    6. 5.2.2 Enacting Security Programs
    7. 5.3 Control Frameworks
    8. 5.3.1 ITIL / ITSM
    9. 5.3.2 COBIT
    10. 5.3.3 ISO 27K IT Security Control Selection
    11. 5.3.4 NIST 800-53
    12. CHAPTER SUMMARY
    13. IMPORTANT TERMS
    14. THINK ABOUT IT
    15. REFERENCES
  14. CHAPTER 6 Assessing Threats and Vulnerabilities
    1. 6.1 Threat Classifications and Infrastructure
    2. 6.1.1 Internet of Things (IoT)
    3. 6.1.2 Cloud Computing
    4. 6.1.3 Servers and Host Computers
    5. 6.1.4 Networking
    6. 6.1.5 Programming Languages and Resource Files
    7. 6.1.6 RDF and Ontology Markup
    8. 6.1.7 Active Semantic Systems
    9. 6.1.8 Agent Frameworks and Semantic Fusion
    10. 6.2 Threats and Vulnerabilities
    11. 6.2.1 Mobility and Threats
    12. 6.2.2 Interconnectivity and Insecurity
    13. 6.2.3 Security Countermeasures and Unintended Consequences
    14. 6.3 Broad Attack Classifications and Examples
    15. 6.3.1 Information System Attack Examples
    16. 6.3.2 Giving Attackers Information
    17. CHAPTER SUMMARY
    18. IMPORTANT TERMS
    19. THINK ABOUT IT
    20. REFERENCES
  15. CHAPTER 7 Risk Assessments and Risk Management
    1. 7.1 Assessing Risks
    2. 7.1.1 Identifying and Classifying Security Risks
    3. 7.1.2 Cybersecurity Response and Governance
    4. 7.2 Risks and Management
    5. 7.2.1 Risks and Countermeasures
    6. 7.2.2 Hoping for the Best, Planning for the Worst
    7. 7.3 Risk Assessment Overview
    8. 7.3.1 Risk Mitigation
    9. 7.3.2 Cybersecurity Hygiene
    10. 7.4 Risk Determination Frameworks
    11. 7.4.1 Risk Determination and Management Frameworks
    12. 7.4.2 OCTAVE
    13. 7.4.3 NIST 800-30
    14. 7.4.4 Using the Frameworks for Implementing Plans
    15. CHAPTER SUMMARY
    16. IMPORTANT TERMS
    17. THINK ABOUT IT
    18. REFERENCES
  16. CHAPTER 8 Computer Architecture and Security Models
    1. 8.1 Security Models versus Policies
    2. 8.1.1 Computer Architecture and Systems Security
    3. 8.1.2 Security Models and Systems Architecture
    4. 8.1.3 Security Models and Computer Architecture
    5. 8.2 Security Models and Countermeasures
    6. 8.2.1 Security Models, Clark–Wilson Example
    7. 8.2.2 Security Models and Stances
    8. 8.2.3 Countermeasures and Security Models
    9. 8.3 Extending Security with Defense-In-Depth
    10. 8.3.1 Trusted Computing Base (TCB) and Common Criteria
    11. 8.3.2 Evaluation and Certification
    12. 8.3.3 Computer Security Controls
    13. 8.3.4 Threats to Computer Security
    14. 8.4 Computer Security and Hardening Systems
    15. 8.4.1 Ensuring a Trusted Configuration
    16. 8.4.2 Password Protections
    17. 8.4.3 User Authentication
    18. 8.5 Biometrics
    19. 8.5.1 Biometric Uses
    20. 8.5.2 Biometric Security Process and Information Protection
    21. 8.5.3 Biometrics and Errors
    22. 8.5.4 Biometric Errors and Technology
    23. 8.5.5 Biometrics in Computer Security
    24. 8.6 Secure Software Development and DevSecOps
    25. 8.6.1 Secure Systems Development and Implementation
    26. 8.6.2 Computer Security and Configuration Management
    27. CHAPTER SUMMARY
    28. IMPORTANT TERMS
    29. THINK ABOUT IT
    30. REFERENCES
  17. CHAPTER 9 Security Policies and Managing Behaviors
    1. 9.1 Security and Policies
    2. 9.1.1 Security Policies and Employment Law
    3. 9.1.2 Security Policies and Corrective Action
    4. 9.2 Monitoring and Security Policies
    5. 9.2.1 Monitoring as a Policy
    6. 9.2.2 Information Collection and Storage
    7. 9.2.3 Monitoring and Organizational Justice
    8. 9.2.4 Surveillance and Trust
    9. 9.2.5 Virtual Work, Security, and Privacy
    10. 9.3 Managing Security Behaviors
    11. 9.3.1 Organizational Behavior
    12. 9.3.2 Behavior Modification
    13. 9.3.3 Organizational Security Behaviors
    14. 9.3.4 Management of Omission Behaviors
    15. 9.4 Contravention Behaviors, Theory, and Research
    16. 9.4.1 Attacker Motivation, Personality, and Behavior Theory
    17. 9.4.2 Entertainment and Status
    18. 9.4.3 Ideology and Social Acceptance
    19. 9.4.4 Neuroticism, Impulse, and Exploitation
    20. 9.5 Management of Contravention Behaviors
    21. 9.5.1 Responding to the Outside Attacker
    22. 9.5.2 Responding to the Inside Attacker
    23. 9.5.3 Ethics and Employee Attitudes Toward the Law
    24. CHAPTER SUMMARY
    25. IMPORTANT TERMS
    26. THINK ABOUT IT
    27. REFERENCES
  18. CHAPTER 10 Cryptography
    1. 10.1 Cryptography Essentials
    2. 10.1.1 Cryptographic Concepts
    3. 10.1.2 Generating a Simple Cipher Code
    4. 10.1.3 Breaking a Simple Cipher Code
    5. 10.1.4 Ciphertext Dissection and “S” Boxes
    6. 10.1.5 Cryptography and Security Goals
    7. 10.2 Symmetric Cryptography
    8. 10.2.1 Symmetric Ciphers and Keys
    9. 10.2.2 Substitution, Transposition, and Permutation
    10. 10.2.3 Modern Symmetric Ciphers
    11. 10.2.4 Key Issues with Symmetric Cryptography
    12. 10.3 Asymmetric Cryptography
    13. 10.3.1 Private Keys and Asymmetric Cryptography
    14. 10.3.2 Beyond Encrypting Messages
    15. 10.3.3 Key Distribution and PKI
    16. 10.3.4 Public Key Algorithms: RSA as an Example
    17. 10.4 Cryptographic Uses
    18. 10.4.1 IPSec Implementation
    19. 10.4.2 SSL/TLS
    20. 10.4.3 Virtual Private Networks (VPN)
    21. CHAPTER SUMMARY
    22. IMPORTANT TERMS
    23. THINK ABOUT IT
    24. REFERENCES
  19. CHAPTER 11 Network Security, Firewalls, IDS, and SeCM
    1. 11.1 Firewall Systems
    2. 11.1.1 Stateless Screening Filters
    3. 11.1.2 Stateful Packet Inspection
    4. 11.1.3 Circuit Gateway Firewalls
    5. 11.1.4 Application-Layer Firewall
    6. 11.1.5 Bastion Hosts
    7. 11.2 Firewall Architecture
    8. 11.2.1 Belt and Braces Architecture
    9. 11.2.2 Screened Subnet Architecture
    10. 11.2.3 Ontology Based Architecture
    11. 11.3 Cybermonitoring and Scanning Systems
    12. 11.3.1 IDS Detection Methods
    13. 11.3.2 IDSs and IPSs
    14. 11.3.3 Code and Application Scanning
    15. 11.4 Information and Cybersecurity Management
    16. 11.4.1 SeCM and CM
    17. 11.4.2 CM and Computer Security Procedures and Frameworks
    18. 11.4.3 Security Management Planning—System Level
    19. 11.4.4 Configuring to a Secure State
    20. 11.4.5 Managed Enterprises
    21. 11.4.6 Managed Legacy Systems
    22. 11.4.7 Extended Guidelines
    23. 11.4.8 Center for Internet Security Benchmarks
    24. 11.4.9 Maintaining the Secure State
    25. 11.4.10 Conducting a Security Impact Analysis
    26. 11.4.11 Certification and Accreditation
    27. CHAPTER SUMMARY
    28. IMPORTANT TERMS
    29. THINK ABOUT IT
    30. REFERENCES
  20. CHAPTER 12 Information Security Horizons
    1. 12.1 Cybersecurity Analytics and Machine Learning
    2. 12.1.1 Machine Learning and Models
    3. 12.1.2 Machine Learning and Natural Language Processing
    4. 12.1.3 Traffic Analysis
    5. 12.2 Game Theory and Predictive Models
    6. 12.2.1 Inductive Predictions
    7. 12.2.2 Deductive Predictions
    8. 12.2.3 Game Theory and Attack Modeling
    9. 12.3 Reasoning and Inference
    10. 12.3.1 Reasoning Systems
    11. 12.3.2 Ontology and Epistemology
    12. 12.3.3 Inference and the Ontological to Epistemic Transformation
    13. 12.4 Heuristics and AI Decision Systems
    14. 12.4.1 Reasoning: Discrete versus Equivocal Problems
    15. 12.4.2 Synthetic Heuristics
    16. 12.4.3 Issues with Synthetic Heuristic Systems
    17. 12.4.4 Combining Techniques
    18. 12.5 Heuristic Biases and Security Planning
    19. 12.5.1 AI Decisions, Naïve Theories, and Biases
    20. 12.5.2 Interactions of Biases and Framing Effects
    21. 12.5.3 Biases, Framing Effects, and Security Decisions
    22. 12.6 Biologically Inspired Security and Adaptive Systems
    23. 12.6.1 Self-Healing Adaptive Systems
    24. 12.6.2 Damage and Danger
    25. 12.6.3 Trusted Security Kernels
    26. 12.6.4 Social Systems
    27. 12.6.5 Social Systems and Security Adaptation
    28. 12.6.6 Collective Agency, Availability, and Integrity
    29. 12.7 Sociobiologically Inspired Systems—A Final Case
    30. 12.7.1 Novelty as Potential Danger
    31. 12.7.2 Sociobiological Behavior as Goal-Directed Behavior
    32. 12.7.3 Adaptive Synthetic Systems
    33. 12.7.4 Challenges for Ad Hoc Networks and Adaptive Systems
    34. CHAPTER SUMMARY
    35. IMPORTANT TERMS
    36. THINK ABOUT IT
    37. REFERENCES
  21. Appendix: Think About IT Answers
  22. Index