In June 2017, the Petya ransomware was a global threat that was taking advantage of an SMB flaw in the Windows operating system as a vector to propagate itself. For many enterprises, this became an all-hands-on-deck situation where systems were being patched in order to protect themselves from the ransomware. Microsoft released a patch for CVE-2017-0199 in April 2017 that mitigated the flaw in the SMB protocol that Petya used. If enterprises had strong patch management procedures in place, the already released patch would have been deployed months before Petya became a global threat.
- Preface
- Information and Data Security Fundamentals
- Defining the Threat Landscape
- Preparing for Information and Data Security
- Establishing an information security program
- Information security policies
- Recommended operational policies
- Planning policy
- Access control policy
- Awareness and training policy
- Auditing and accountability policy
- Configuration management policy
- Contingency planning policy
- Identification and authentication policy
- Incident response policy
- Maintenance policy
- Media protection policy
- Personnel security policy
- Physical and environmental protection policy
- Risk assessment policy
- Security assessment policy
- System and communications protection policy
- System and information integrity policy
- Systems and services acquisitions policy
- Summary
- Information Security Risk Management
- What is risk?
- Who owns organizational risk?
- Where is your valuable data?
- Performing a quick risk assessment
- Risk management is an organization-wide activity
- Business operations
- IT operations
- Personnel
- External organization
- Risk management life cycle
- Information categorization
- Data classification steps
- Determining information assets
- Finding information in the environment
- Disaster recovery considerations
- Backup storage considerations
- Organizing information into categories
- Examples of information type categories
- Security control selection
- Security control implementation
- Assessing implemented security controls
- Authorizing information systems to operate
- Monitoring information system security controls
- Calculating risk
- Qualitative risk analysis
- Identifying your organizations threats
- Identifying your organizations vulnerabilities
- Pairing threats with vulnerabilities
- Estimating likelihood
- Estimating impact
- Conducting the risk assessment
- Management choices when it comes to risk
- Quantitative analysis
- Qualitative risk assessment example
- Summary
- Developing Your Information and Data Security Plan
- Continuous Testing and Monitoring
- Business Continuity/Disaster Recovery Planning
- Incident Response Planning
- Do I need an incident response plan?
- Components of an incident response plan
- Preparing the incident response plan
- Identification – detection and analysis
- Identification – incident response tools
- Remediation – containment/recovery/mitigation
- Remediation - incident response tools
- Post incident activity
- Summary
- Developing a Security Operations Center
- Developing an Information Security Architecture Program
- Information security architecture and SDLC/SELC
- Conducting an initial information security analysis
- Purpose and description of the information system
- Determining compliance requirements
- Documenting key information system and project roles
- Defining the expected user types
- Documenting interface requirements
- Documenting external information systems access
- Conducting a business impact assessment
- Conducting an information categorization
- Developing a security architecture advisement program
- Summary
- Cloud Security Consideration
- Cloud computing characteristics
- Cloud computing service models
- Cloud computing deployment models
- Cloud computing management models
- Cloud computing special consideration
- Summary
- Information and Data Security Best Practices
The case for vulnerability management
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.