IT Security Controls: A Guide to Corporate Standards and Frameworks 1st ed. Edition

IT Security Controls: A Guide to Corporate Standards and Frameworks 1st ed. Edition book cover

IT Security Controls: A Guide to Corporate Standards and Frameworks 1st ed. Edition

Author(s): Virgilio Viegas (Author), Oben Kuyucu (Author)

  • Publisher: Apress
  • Publication Date: 24 Mar. 2022
  • Edition: 1st ed.
  • Language: English
  • Print length: 375 pages
  • ISBN-10: 1484277988
  • ISBN-13: 9781484277980

Book Description

Use this reference for IT security practitioners to get an overview of the major standards and frameworks, and a proposed architecture to meet them. The book identifies and describes the necessary controls and processes that must be implemented in order to secure your organization’s infrastructure.

The book proposes a comprehensive approach to the implementation of IT security controls with an easily understandable graphic implementation proposal to comply with the most relevant market standards (ISO 27001, NIST, PCI-DSS, and COBIT) and a significant number of regulatory frameworks from central banks across the World (European Union, Switzerland, UK, Singapore, Hong Kong, India, Qatar, Kuwait, Saudi Arabia, Oman, etc.).

To connect the book with the real world, a number of well-known case studies are featured to explain what went wrong with the biggest hacks of the decade, and which controls should have been in place to prevent them. The book also describes a set of well-knownsecurity tools available to support you.

What You Will Learn

  • Understand corporate IT security controls, including governance, policies, procedures, and security awareness
  • Know cybersecurity and risk assessment techniques such as penetration testing, red teaming, compliance scans, firewall assurance, and vulnerability scans
  • Understand technical IT security controls for unmanaged and managed devices, and perimeter controls
  • Implement security testing tools such as steganography, vulnerability scanners, session hijacking, intrusion detection, and more


Who This Book Is For

IT security managers, chief information security officers, information security practitioners, and IT auditors will use the book as a reference and support guide to conduct gap analyses and audits of their organizations’ IT security controls implementations.

Editorial Reviews

Review

“The book includes a detailed table of contents and good index, and the chapters conclude with succinct summaries. … This is an excellent reference for anyone working in the area of ICT security, summarizing the major standards and frameworks in one publication with useful case studies as examples to explain how things can go wrong and what steps can be taken to protect and minimize the impact of attacks.” (David B. Henderson, Computing Reviews, November 14, 2022)

From the Back Cover

Use this reference for IT security practitioners to get an overview of the major standards and frameworks, and a proposed architecture to meet them. The book identifies and describes the necessary controls and processes that must be implemented in order to secure your organization’s infrastructure.

The book proposes a comprehensive approach to the implementation of IT security controls with an easily understandable graphic implementation proposal to comply with the most relevant market standards (ISO 27001, NIST, PCI-DSS, and COBIT) and a significant number of regulatory frameworks from central banks across the World (European Union, Switzerland, UK, Singapore, Hong Kong, India, Qatar, Kuwait, Saudi Arabia, Oman, etc.).

To connect the book with the real world, a number of well-known case studies are featured to explain what went wrong with the biggest hacks of the decade, and which controls should have been in place to prevent them. The book also describes a set of well-known security tools available to support you.

What You Will Learn

  • Understand corporate IT security controls, including governance, policies, procedures, and security awareness
  • Know cybersecurity and risk assessment techniques such as penetration testing, red teaming, compliance scans, firewall assurance, and vulnerability scans
  • Understand technical IT security controls for unmanaged and managed devices, and perimeter controls
  • Implement security testing tools such as steganography, vulnerability scanners, session hijacking, intrusion detection, and more


View on Amazon

未经允许不得转载:Wow! eBook » IT Security Controls: A Guide to Corporate Standards and Frameworks 1st ed. Edition