Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Information Security Handbook Develop a threat model and incident response strategy to build a strong information security framework

Product type Paperback

Published in Dec 2017

Publisher

ISBN-13 9781788478830

Length 330 pages

Edition 1st Edition

Concepts

Information Security

Author (1):

Darren Death

View More author details

Table of Contents (13) Chapters

Preface

1. Information and Data Security Fundamentals FREE CHAPTER

2. Defining the Threat Landscape

3. Preparing for Information and Data Security

4. Information Security Risk Management

5. Developing Your Information and Data Security Plan

6. Continuous Testing and Monitoring

7. Business Continuity/Disaster Recovery Planning

8. Incident Response Planning

9. Developing a Security Operations Center

10. Developing an Information Security Architecture Program

11. Cloud Security Consideration

12. Information and Data Security Best Practices

Vulnerability management

It is very important to note that many of the things that cause an all-hands-on-deck situation relate to how an enterprise information system is managed. If an enterprise information system is not regularly patched, then this leads to an all-hands-on-deck situation.

Vulnerability management is the process of:

Identifying vulnerabilities that are applicable to your information system:
- Vulnerabilities can be identified through the use of enterprise vulnerability management tools such as Nessus
- Additionally, the information security professional should be reading information security blogs and should be subscribed to the security sites for the vendors that they use
Triaging vulnerabilities that are applicable to your information system:
- The information security professional must determine the risk that a given vulnerability presents to the organization...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Death

Darren Death is ASRC Federal's Chief Information Security Officer. He is responsible for managing the enterprise cybersecurity program across a 3 billion-dollar portfolio of business sectors, including financial services, government contracting, and construction. A proven technology leader with over 20 years of experience deploying enterprise systems for large private and public organizations, Darren Death has led, designed, and implemented large-scale, organizational-wide enterprise IT systems with far-reaching impact. Before joining ASRC Federal, while at the Department of Justice, he was responsible for creating a nationwide enterprise processing capability across the US Attorney, Marshalls Service, and the Bureau of Alcohol, Tobacco, and Firearms divisions. At the Library of Congress, Darren was responsible for all emerging technologies related to information security. He holds a doctoral degree in information technology, specializing in information assurance and cybersecurity.

See other products by Death