Description |
1 online resource (xx, 204 pages) |
Note |
Includes index. |
Summary |
"Harden your business against internal and external cybersecurity threats with a single accessible resource. In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps. Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to: foster a strong security culture that extends from the custodial team to the C-suite; build an effective security team, regardless of the size or nature of your business; comply with regulatory requirements, including general data privacy rules and industry-specific legislation; test your cybersecurity, including third-party penetration testing and internal red team specialists. Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries." -- Description provided by publisher. |
Contents |
Foreword -- Introduction -- Chapter 1 Step 1: Foster a Strong Security Culture -- Kevin Mitnick, Human Hacker Extraordinaire -- The Importance of a Strong Security Culture -- Hackers Are the Bad Guys, Right? -- What Is Security Culture? -- How to Foster a Strong Security Culture -- Security Leaders on Security Culture -- What Makes a Good CISO? -- The Biggest Mistakes Businesses Make When It Comes to Cybersecurity -- The Psychological Phases of a Cybersecurity Professional -- Chapter 2 Step 2: Build a Security Team -- Why Step 2 Is Controversial -- How to Hire the Right Security Team... the Right Way -- Security Team Tips from Security Leaders -- The "Culture Fit"-Yuck! -- Cybersecurity Budgets -- Design Your Perfect Security Team -- Chapter 3 Step 3: Regulatory Compliance |
|
What Are Data Breaches, and Why Are They Bad? -- The Scary Truth Found in Data Breach Research -- An Introduction to Common Data Privacy Regulations -- The General Data Protection Regulation -- The California Consumer Privacy Act -- The Health Insurance Portability and Accountability Act -- The Gramm-Leach-Bliley Act -- Payment Card Industry Data Security Standard -- Governance, Risk Management, and Compliance -- More About Risk Management -- Threat Modeling -- Chapter 4 Step 4: Frequent Security Testing -- What Is Security Testing? -- Security Testing Types -- Security Audits -- Vulnerability Assessments Versus Penetration Testing -- Red Team Testing -- Bug Bounty Programs -- What's Security Maturity? -- The Basics of Security Audits and Vulnerability Assessments |
|
Log Early, Log Often -- Prepare for Vulnerability Assessments and Security Audits -- A Concise Guide to Penetration Testing -- Penetration Testing Based on Network Knowledge -- Penetration Testing Based on Network Aspects -- Security Leaders on Security Maturity -- Security Testing Is Crucial -- Chapter 5 Step 5: Security Framework Application -- What Is Incident Response? -- Preparation -- Identification or Analysis -- Containment, Mitigation, or Eradication -- Recovery -- Post-incident -- Your Computer Security Incident Response Team -- Cybersecurity Frameworks -- NIST Cybersecurity Framework -- ISO 27000 Cybersecurity Frameworks -- CIS Controls -- COBIT Cybersecurity Framework -- Security Frameworks and Cloud Security -- Chapter 6 Step 6: Control Your Data Assets |
Subject |
Computer security.
|
|
Business enterprises -- Computer networks -- Security measures.
|
|
Computer networks -- Management.
|
|
Computer networks -- Security measures.
|
|
Computer Security |
|
Computer security. |
|
Computer networks -- Management. |
|
Computer networks -- Security -- Measures. |
|
Business enterprises -- Computer networks -- Security measures |
|
Computer networks -- Management |
|
Computer networks -- Security measures |
|
Computer security |
Added Title |
Eight steps to better security |
Other Form: |
Print version: Crawley, Kim. 8 steps to better security. Hoboken : John Wiley & Sons, Inc., [2022] 9781119811237 (OCoLC)1272885750 |
ISBN |
9781119811251 |
|
1119811252 |
|
1119811244 |
|
9781119811244 (electronic bk.) |
|
9781394176823 (electronic bk.) |
|
1394176821 (electronic bk.) |
Standard No. |
10.1002/9781394176823 doi |
|