Book Description

"I loved the quotes at the beginning of each chapter – very interesting and thought-provoking. I also enjoyed the author’s style and his technical expertise shone through," Christopher Wright, Wright CandA Consulting Ltd.

Protecting critical information infrastructure (CII) is not an easy process. Risks need to be minimised and systems adequately protected. It is an endless balancing act, where one side is constantly on the defensive and the other on the offensive. Lessons Learned: Critical Information Infrastructure Protection aims to help you be as successful as possible in protecting your CII, and do so quickly with minimum effort, irrespective of whether you work for a critical infrastructure service provider, a company that organises the provision of critical infrastructure services, or a company that serves critical service providers.

Drawing on more than 20 years of experience in the IT and cyber security sectors, the author defines critical infrastructure services and provides structured lessons for each chapter, summarising each with key takeaways, including how to:

  • Describe the critical infrastructure service and determine its service level;
  • Identify and analyse the interconnections and dependencies of information systems;
  • Create a functioning organisation to protect CII; and
  • Train people to make sure they are aware of cyber threats and know the correct behaviour.

The key message – organisations must be prepared to provide critical infrastructure services without IT systems – is reinforced in the final chapter: “We must have some way of continuing to work even if computers fail”, writes Mikko Hypponen.

Understand how you can protect your organisation's critical information infrastructure.

Table of Contents

  1. Cover
  2. Title
  3. Copyright
  4. About The Author
  5. Acknowledgements
  6. Contents
  7. Introduction
  8. Part 1: Critical infrastructure
    1. Chapter 1: Critical infrastructure services
    2. Chapter 2: Description of service and service level
    3. Chapter 3: Providers of critical infrastructure services
    4. Chapter 4: Critical activities and required resources
    5. Chapter 5: Interdependencies of services
    6. Chapter 6: Visualisation of information
  9. Part 2: Critical information infrastructure
    1. Chapter 7: Identification of important information systems
    2. Chapter 8: Interdependencies of information systems
    3. Chapter 9: Focusing and prioritisation
  10. Part 3: Threats, vulnerabilities, risks, impacts
    1. Chapter 10: Threats and vulnerabilities of information systems
    2. Chapter 11: Assessment of the impact of service disruptions
    3. Chapter 12: Risk assessment
  11. Part 4: Protection activities
    1. Chapter 13: Implementation of security measures
    2. Chapter 14: Organisation required to protect critical information infrastructure
    3. Chapter 15: NIS Directive
    4. Chapter 16: Assessment of the security level
    5. Chapter 17: Network scanning
    6. Chapter 18: Business continuity plan and testing
  12. Part 5: Protection system supporting activities
    1. Chapter 19: Reliable relations and maintaining them
    2. Chapter 20: Sharing information
    3. Chapter 21: Training people
  13. Part 6: Perfecting the system
    1. Chapter 22: Improvement of the system
  14. Part 7: Backup plan
    1. Chapter 23: Life without IT
  15. Appendix 1: Lessons learned
  16. ITG Resources