Purpose of This Book

This book is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curriculums in IT security, cybersecurity, information assurance, and information systems security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by professionals experienced in information systems security, they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking—putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow as well.

Part 1 of this book examines the evolutionary changes that have occurred in computer technology and personal and business communications, and social interaction and networking on the internet and World Wide Web. It also covers relevant security considerations for small businesses and personal users.

Part 2 reviews the risks, threats, and vulnerabilities associated with web applications, including the risks, threats, and vulnerabilities associated with websites, especially those, like social networking, which allow perpetrators to plant malicious code and malware with widespread global impact. The best practices to apply security to the development, deployment, and maintenance of a website and its applications and services to prevent, mitigate, and avoid these threats are explored. Common sense and best practices for online privacy and securing your privacy data are presented, providing you with countermeasures to protect your privacy and privacy data.

Part 3 presents the next and greatest business challenge—securing the mobile user. With web applications and social networking now being accessed remotely and from mobile wireless connected devices, these devices are at risk. This part of the book explores mobile communications security, given the rapid use of 4G and 5G wireless networking for mobile communication. You also learn about VoIP- and SIP-enabled applications, such as unified communications, and how they provide real-time communications for both personal and business use. Finally, web-security organizations, standards organizations, education, training, and certification organizations are presented to provide you with additional resources and planning strategies for a career in secure web application design and development.

Learning Features

The writing style of this book is practical and conversational. Step-by-step examples of information security concepts and procedures are presented throughout the text. Each chapter begins with a statement of learning objectives. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional helpful information related to the subject under discussion. Chapter Assessments appear at the end of each chapter, with solutions provided in Appendix A. Chapter summaries are included in the text to provide a rapid review or preview of the material and to help students understand the relative importance of the concepts presented.