Chapter 1, Information and Data Security Fundamentals, provides the reader with an overview of key concepts that will be examined throughout this book. The reader will understand the history, key concepts, and components of information and data security. Additionally, the reader will understand how these concepts should balance with business needs.
Chapter 2, Defining the Threat Landscape, explains how understanding the modern threat landscape helps you, as the information security professional, develop a highly effective information security program that can mount a secure defense against modern adversaries in support of your organization's business/mission goals and objectives. In this chapter, you will learn: how to determine what is important to your organization, potential threats to your organization, types of hackers/adversaries, methods used by the hacker/adversary, and methods of conducting training and awareness as it relates to threats.
Chapter 3, Preparing for Information and Data Security, teaches the important activities required to establish an enterprise-wide information security program, with a focus on executive buy-in, policies, procedures, standards, and guidelines. Additionally, you will learn: planning concepts associated with information security program establishment; information security program success factors; SDLC integration of the information security program; information security program maturity concepts; and best practices related to policies, procedures, standards, and guidelines.
Chapter 4, Information Security Risk Management, explains the fundamentals of information security risk management, which provides the main interface for prioritization and communication between the information security program and the business. Additionally, you will learn: key information security risk management concepts; how to determine where valuable data is in your organization; quick risk assessment techniques; how risk management affects different parts of the organization; how to perform information categorization; security control selection, implementation, and testing; and authorizing information systems for production operations.
Chapter 5, Developing Your Information and Data Security Plan, covers the concepts necessary to develop your information security program plan. Your program plan will be a foundational document that establishes how your information security program will function and interact with the rest of the business. Additionally, you will learn: how to develop the objectives for your information security program, elements of a successful information security program, information security program business/mission alignment, information security program plan elements, and establishing information security program enforcement.
Chapter 6, Continuous Testing and Monitoring, explains that it is important for the information security professional to understand that vulnerabilities in information systems are a fact of life that is not going away anytime soon. The key to protecting the modern information system is continued vigilance through continuous technical testing. In this chapter, you will learn: technical testing capabilities at your disposal, testing integration into the SDLC, continuous monitoring considerations, vulnerability assessment considerations, and penetration testing considerations.
Chapter 7, Business Continuity/Disaster Recovery Planning, covers two separate but related disciplines that work together. Business Continuity Planning serves to ensure that an organization can effectively understand what business processes and information are important to the continued operations and success of the organization. Disaster Recovery Planning serves to develop a technical solution that supports the business needs of the organization in the event of a system outage. In this chapter, you will learn: the scope and focus areas of the BCDR plan, and designing, implementing, testing, and maintaining the BCDR plan.
Chapter 8, Incident Response Planning, covers the incident response plan and procedures that your information security program implements to ensure that you have adequate and repeatable processes in place to respond to an information security incident that occurs against your organizational network or information systems. In this chapter, you will learn: why you need an incident response plan, what components make up the incident response plan, tools and techniques related to incident response, the incident response process, and the OODA loop and how it can be applied to incident response.
Chapter 9, Developing a Security Operations Center, explains that the security operations center serves as your centralized view into your enterprise information systems. The goal of the security operations center is to ensure that this view is real-time so that your organization can identify and respond to internal and external threats as quickly as possible. In this chapter, you will learn: what comprises the responsibilities of the security operations center; security operations center tool management and design; security operations center roles, processes, and procedures; and internal versus outsourced security operations center implementation considerations.
Chapter 10, Developing an Information Security Architecture Program, explains that security architecture establishes rigorous and comprehensive policies, procedures, and guidelines around the development and operationalization of an information security architecture across the enterprise information technology deployed within an organization. Additionally, you will learn about: incorporating security architecture into the system development life cycle process, conducting an initial information security analysis, and developing a security architecture advisement program.
Chapter 11, Cloud Security Consideration, explains that cloud computing enables on-demand and ubiquitous access to a shared pool of configurable outsourced computing resources such as networks, servers, storage, and applications. In this chapter, you will learn: cloud computing characteristics; cloud computing service, deployment, and management models; and special information security considerations as they relate to cloud computing.
Chapter 12, Information and Data Security Best Practices, presents a selection of best practices to help ensure the overall information security health of your organization's information systems. The topics covered in this chapter include information security best practices related to: user account security, least functionality, updates and patching, secure configurations, application security, and network security.