Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Information Security Compliance Management

You're reading from   Mastering Information Security Compliance Management A comprehensive handbook on ISO/IEC 27001:2022 compliance

Arrow left icon
Product type Paperback
Published in Aug 2023
Publisher Packt
ISBN-13 9781803231174
Length 236 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Greeshma M. R. Greeshma M. R.
Author Profile Icon Greeshma M. R.
Greeshma M. R.
Adarsh Nair Adarsh Nair
Author Profile Icon Adarsh Nair
Adarsh Nair
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Part 1: Setting the Stage – Definitions, Concepts, Principles, Standards, and Certifications
2. Chapter 1: Foundations, Standards, and Principles of Information Security FREE CHAPTER 3. Chapter 2: Introduction to ISO 27001 4. Part 2: The Protection Strategy – ISO/IEC 27001/02 Design and Implementation
5. Chapter 3: ISMS Controls 6. Chapter 4: Risk Management 7. Chapter 5: ISMS – Phases of Implementation 8. Chapter 6: Information Security Incident Management 9. Chapter 7: Case Studies – Certification, SoA, and Incident Management 10. Part 3: How to Sustain – Monitoring and Measurement
11. Chapter 8: Audit Principles, Concepts, and Planning 12. Chapter 9: Performing an Audit 13. Chapter 10: Audit Reporting, Follow-Up, and Strategies for Continual Improvement 14. Chapter 11: Auditor Competence and Evaluation 15. Chapter 12: Case Studies – Audit Planning, Reporting Nonconformities, and Audit Reporting 16. Index 17. Other Books You May Enjoy Appendix – Terms and Definitions

Foundations, Standards, and Principles of Information Security

In today’s information-centric environment, the concept of information security is paramount and is now on par with other business functions. Irrespective of their market share, private or public status, or geographical location, businesses are being pushed to move online in order to stay relevant.

In the 21st century, we have all experienced the information revolution. Data is stimulating the information revolution in the same way that oil catalyzed the industrial revolution. In today’s environment, data is the raw resource that must be studied, interpreted, and retrieved with care in order to provide significant insights to its users.

The difference between oil and data is that the volume of oil is reducing across the world, whereas the amount of data is growing day by day. Data has become a valuable commodity and fuel source in today’s world.

On the other hand, data-related cybercrime such as data theft is expanding exponentially. A data breach occurs when a company unwittingly exposes critical information that might cause damage to a company’s reputation, brand value, and customer trust, or even result in regulatory penalties.

The average cost of a data breach was $4.35 million in the year 2022, according to IBM’s Cost of a Data Breach Report 2022. While the average cost per record was $164 in 2022, the cost per record has climbed considerably since 2020. Hackers are primarily interested in a company’s customer information because they can use it to blackmail the company or sell the information to competitors. Data has become, on average, more valuable than any other asset. Information security principles guide the entire concept of data security.

This chapter will explain the fundamentals of Information Security, including why it’s important and how security frameworks can help reduce risk and develop a mechanism to manage information security across an enterprise. The key topics covered are the following:

  • The CIA triad
  • Information security standards
  • Using an information security management system
  • The ISO 27000 series
You have been reading a chapter from
Mastering Information Security Compliance Management
Published in: Aug 2023
Publisher: Packt
ISBN-13: 9781803231174
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime