0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Infosec Strategies and Best Practices

You're reading from Infosec Strategies and Best Practices Gain proficiency in information security using expert-level strategies and best practices

Product type Paperback

Published in May 2021

Publisher Packt

ISBN-13 9781800566354

Length 272 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Joseph MacMillan

View More author details

Table of Contents (13) Chapters

Preface

1. Section 1: Information Security Risk Management and Governance

2. Chapter 1: InfoSec and Risk Management FREE CHAPTER

3. Chapter 2: Protecting the Security of Assets

4. Section 2: Closing the Gap: How to Protect the Organization

5. Chapter 3: Designing Secure Information Systems

6. Chapter 4: Designing and Protecting Network Security

7. Chapter 5: Controlling Access and Managing Identity

8. Section 3: Operationalizing Information Security

9. Chapter 6: Designing and Managing Security Testing Processes

10. Chapter 7: Owning Security Operations

11. Chapter 8: Improving the Security of Software

12. Other Books You May Enjoy

Securing information assets

This section is all about implementing the appropriate information security controls for assets. I've been thinking about this section for a while, trying to understand how to tackle it best for you.

I know you probably have experience with choosing and implementing controls, and I don't want this section to end up being half of the entire book, just droning on and on about different types of controls or all of the great vendors out there who want to sell you a silver bullet to fix all of your issues. I'm going to go into many different controls and ideologies in the following chapters, anyway.

Instead, in this chapter, I want to make sure that we focus on heavy-hitting, effective ideologies to understand in order to select the appropriate controls, meaning that the asset is considered "secure enough" based on its criticality and classification.

There are different classes that split up the types of controls:

...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

MacMillan

MacMillan

Joseph MacMillan is a technological utopian and cybersecurity junkie, currently living in Amsterdam. Employed by Microsoft as a Global Black Belt for Cybersecurity, Joseph uses his experience in senior information security roles to transform businesses into secure organizations rooted in risk management principles to drive decision making. Much of Joseph's work has been focused on enabling businesses to achieve their goals by removing the ambiguity surrounding risk, which enables the CEO and C-Suite to plan and achieve their goals in a secure manner with confidence. Joseph holds various certifications, including the CISSP, CCSP, CISA, CSSLP, AlienVault Certified Engineer, and ISO 27001 Certified ISMS Lead Auditor.

See other products by MacMillan

Other recommended products

Related to this chapter

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Hands-On Security in DevOps

Hands-On Security in DevOps

Hands-On Security in DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.

Jul 2018 11h 52m

Hands-On Security in DevOps

Hands-On Security in DevOps

Hands-On Security in DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.

Jul 2018 11h 52m

Hands-On Security in DevOps

Hands-On Security in DevOps

Hands-On Security in DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.

Jul 2018 11h 52m

Hands-On Security in DevOps

Hands-On Security in DevOps

Hands-On Security in DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.

Jul 2018 11h 52m

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m