Developing Cybersecurity Programs and Policies

ISBN-10: 0134858549
ISBN-13: 9780134858548
Category: Computers
Pages: 99998
Language: English
Published: 2018-07-20
Publisher: Pearson IT Certification
Author: Omar Santos

Description

All the Knowledge You Need to Build Cybersecurity Programs and Policies That Work Clearly presents best practices, governance frameworks, and key standards Includes focused coverage of healthcare, finance, and PCI DSS compliance An essential and invaluable guide for leaders, managers, and technical professionals Today, cyberattacks can place entire organizations at risk. Cybersecurity can no longer be delegated to specialists: success requires everyone to work together, from leaders on down. Developing Cybersecurity Programs and Policies offers start-to-finish guidance for establishing effective cybersecurity in any organization. Drawing on more than 20 years of real-world experience, Omar Santos presents realistic best practices for defining policy and governance, ensuring compliance, and collaborating to harden the entire organization. First, Santos shows how to develop workable cybersecurity policies and an effective framework for governing them. Next, he addresses risk management, asset management, and data loss prevention, showing how to align functions from HR to physical security. You’ll discover best practices for securing communications, operations, and access; acquiring, developing, and maintaining technology; and responding to incidents. Santos concludes with detailed coverage of compliance in finance and healthcare, the crucial Payment Card Industry Data Security Standard (PCI DSS) standard, and the NIST Cybersecurity Framework. Whatever your current responsibilities, this guide will help you plan, manage, and lead cybersecurity–and safeguard all the assets that matter. Learn How To · Establish cybersecurity policies and governance that serve your organization’s needs · Integrate cybersecurity program components into a coherent framework for action · Assess, prioritize, and manage security risk throughout the organization · Manage assets and prevent data loss · Work with HR to address human factors in cybersecurity · Harden your facilities and physical environment · Design effective policies for securing communications, operations, and access · Strengthen security throughout the information systems lifecycle · Plan for quick, effective incident response and ensure business continuity · Comply with rigorous regulations in finance and healthcare · Plan for PCI compliance to safely process payments · Explore and apply the guidance provided by the NIST Cybersecurity Framework

Get the book

Other editions

Developing Cybersecurity Programs and Policies
- 2024-04-17
- - pages
- Paperback
- Pearson IT Certification
Developing Cybersecurity Programs and Policies: Pearson IT Cybersecurity Curriculum
- 2024-04-27
- - pages
- Paperback
- Pearson IT Cybersecurity Curriculum (ITCC)

Similar books

Cybersecurity for Beginners and Dummies: Developing Cybersecurity Programs and Policies
By Lisa H Gregory Ph D
Hence, I decided to write up this book on, from a computing point of view, security comprises cybersecurity and physical security - both are used by enterprises to protect against unauthorized access to data centers and other computerized ...
Establishing Cyber Security Programs Through the Community Cyber Security Maturity Model (CCSMM)
By White, Natalie, Gregory B.
Featuring research on topics such as community engagement, incident planning methods, and information sharing, this book is ideally designed for cybersecurity professionals, security analysts, managers, researchers, policymakers, students, ...
Cyber Security Policy Guidebook
By Joseph Weiss, Jennifer L. Bayuk, Jason Healey
We therefore gratefully acknowledge these individuals for their efforts and expertise: Warren Axelrod, Larry Clinton, Kevin Gronberg, Richard Menta, William Miller, Brian Peretti, Andy Purdy, and Michael zur Muehlen.
At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues
By National Research Council, Division on Engineering and Physical Sciences, Computer Science and Telecommunications Board
In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to ...
Security Policies and Implementation Issues: Print Bundle
By Robert Johnson
"This book offers a comprehensive, end-to-end view of information security policies and frameworks from the raw organizational mechanics of building to the psychology of implementation.
Managing the Human Factor in Information Security: How to win over staff and influence business managers
By David Lacey
The explosion in social networking and mobile computing is intensifying this problem. For the first time, this book brings together theories and methods which will help you to change and harness people's security behaviour.
Cybersecurity Law, Standards and Regulations, 2nd Edition
By Tari Schreider
This book needs to be required reading before your next discussion with your corporate legal department. This new edition responds to the rapid changes in the cybersecurity industry, threat landscape and providers.
Building an Effective Cybersecurity Program, 2nd Edition
By Tari Schreider
If you are a manager already involved in your organization’s cybersecurity program, you have much to gain from reading this book. This book will become your go to field manual guiding or affirming your program decisions.
Information Security Program Guide: Company Policies, Departmental Procedures, IT Standards and Guidelines
By I. T. Security Risk Manager
This guide can be used to build a (NIST CSF) National Institute of Standards Cyber Security Framework; IT Security Program for any organization.
Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats
By Scott Donaldson, Chris K. Williams, Abdul Aslam
This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program.