Developing Cybersecurity Programs and Policies

Specifications
E-book, pp. | English
Pearson Education | 2018
ISBN13: 9780134858524
Classification
Pearson Education, edition, 2018 9780134858524

Summary

All the Knowledge You Need to Build Cybersecurity Programs and Policies That Work

Clearly presents best practices, governance frameworks, and key standards

Includes focused coverage of healthcare, finance, and PCI DSS compliance

An essential and invaluable guide for leaders, managers, and technical professionals

Today, cyberattacks can place entire organizations at risk. Cybersecurity can no longer be delegated to specialists: success requires everyone to work together, from leaders on down. Developing Cybersecurity Programs and Policies offers start-to-finish guidance for establishing effective cybersecurity in any organization. Drawing on more than 20 years of real-world experience, Omar Santos presents realistic best practices for defining policy and governance, ensuring compliance, and collaborating to harden the entire organization.

First, Santos shows how to develop workable cybersecurity policies and an effective framework for governing them. Next, he addresses risk management, asset management, and data loss prevention, showing how to align functions from HR to physical security. You’ll discover best practices for securing communications, operations, and access; acquiring, developing, and maintaining technology; and responding to incidents.

Santos concludes with detailed coverage of compliance in finance and healthcare, the crucial Payment Card Industry Data Security Standard (PCI DSS) standard, and the NIST Cybersecurity Framework.

Whatever your current responsibilities, this guide will help you plan, manage, and lead cybersecurity–and safeguard all the assets that matter.

Learn How To

· Establish cybersecurity policies and governance that serve your organization’s needs
· Integrate cybersecurity program components into a coherent framework for action
· Assess, prioritize, and manage security risk throughout the organization
· Manage assets and prevent data loss
· Work with HR to address human factors in cybersecurity
· Harden your facilities and physical environment
· Design effective policies for securing communications, operations, and access
· Strengthen security throughout the information systems lifecycle
· Plan for quick, effective incident response and ensure business continuity
· Comply with rigorous regulations in finance and healthcare
· Plan for PCI compliance to safely process payments
· Explore and apply the guidance provided by the NIST Cybersecurity Framework

Specifications

ISBN13: 9780134858524
Language: English
Binding: e-book

Table of Contents

Chapter 1: Understanding Cybersecurity Policy and Governance
Information Security vs. Cybersecurity Policies
Looking at Policy Through the Ages
    Policy in Ancient Times
    The United States Constitution as a Policy Revolution
    Policy Today
Cybersecurity Policy
    What Are Assets?
    Successful Policy Characteristics
    What Is the Role of Government?
    Additional Federal Banking Regulations
    Government Cybersecurity Regulations in Other Countries
    The Challenges of Global Policies
Cybersecurity Policy Life Cycle
    Policy Development
    Policy Publication
    Policy Adoption
    Policy Review
Summary

Chapter 2: Cybersecurity Policy Organization, Format, and Styles
Policy Hierarchy
    Standards
    Baselines
    Guidelines
    Procedures
    Plans and Programs
Writing Style and Technique
    Using Plain Language
    The Plain Language Movement
    Plain Language Techniques for Policy Writing
Policy Format
    Understand Your Audience
    Policy Format Types
    Policy Components
Summary

Chapter 3: Cybersecurity Framework
Confidentiality, Integrity, and Availability
    What Is Confidentiality?
    What Is Integrity?
    What Is Availability?
    Who Is Responsible for CIA?
NIST’s Cybersecurity Framework
    What Is NIST’s Function?
    So, What About ISO?
    NIST Cybersecurity Framework
    ISO Standards
Summary

Chapter 4: Governance and Risk Management
Understanding Cybersecurity Policies
    What Is Governance?
    What Is Meant by Strategic Alignment?
    Regulatory Requirements
    User-Level Cybersecurity Policies
    Vendor Cybersecurity Policies
    Cybersecurity Vulnerability Disclosure Policies
    Client Synopsis of Cybersecurity Policies
    Who Authorizes Cybersecurity Policy?
    What Is a Distributed Governance Model?
    Evaluating Cybersecurity Policies
    Revising Cybersecurity Policies: Change Drivers
    NIST Cybersecurity Framework Governance Subcategories and Informative References
    Regulatory Requirements
Cybersecurity Risk
    Is Risk Bad?
    Understanding Risk Management
    Risk Appetite and Tolerance
    What Is a Risk Assessment?
    Risk Assessment Methodologies
Summary

Chapter 5: Asset Management and Data Loss Prevention
Information Assets and Systems
    Who Is Responsible for Information Assets?
Information Classification
    How Does the Federal Government Classify Data?
    Why Is National Security Information Classified Differently?
    Who Decides How National Security Data Is Classified?
    How Does the Private Sector Classify Data?
    Can Information Be Reclassified or Even Declassified?
Labeling and Handling Standards
    Why Label?
    Why Handling Standards?
Information Systems Inventory
    Why an Inventory Is Necessary and What Should Be Inventoried
Understanding Data Loss Prevention Technologies
Summary

Chapter 6: Human Resources Security
The Employee Life Cycle
    What Does Recruitment Have to Do with Security?
    What Happens in the Onboarding Phase?
    What Is User Provisioning?
    What Should an Employee Learn During Orientation?
    Why Is Termination Considered the Most Dangerous Phase?
The Importance of Employee Agreements
    What Are Confidentiality or Nondisclosure Agreements?
    What Is an Acceptable Use Agreement?
The Importance of Security Education and Training
    Influencing Behavior with Security Awareness
    Teaching a Skill with Security Training
    Security Education Is Knowledge Driven
Summary

Chapter 7: Physical and Environmental Security
Understanding the Secure Facility Layered Defense Model
    How Do We Secure the Site?
    How Is Physical Access Controlled?
Protecting Equipment
    No Power, No Processing?
    How Dangerous Is Fire?
    What About Disposal?
    Stop, Thief!
Summary

Chapter 8: Communications and Operations Security
Standard Operating Procedures
    Why Document SOPs?
    Developing SOPs
Operational Change Control
    Why Manage Change?
    Why Is Patching Handled Differently?
Malware Protection
    Are There Different Types of Malware?
    How Is Malware Controlled?
    What Is Antivirus Software?
Data Replication
    Is There a Recommended Backup or Replication Strategy?
Secure Messaging
    What Makes Email a Security Risk?
    Are Email Servers at Risk?
    Other Collaboration and Communication Tools
Activity Monitoring and Log Analysis
    What Is Log Management?
Service Provider Oversight
    What Is Due Diligence?
    What Should Be Included in Service Provider Contracts?
Threat Intelligence and Information Sharing
    How Good Is Cyber Threat Intelligence if It Cannot Be Shared?
Summary

Chapter 9: Access Control Management
Access Control Fundamentals
    What Is a Security Posture?
    How Is Identity Verified?
    What Is Authorization?
    Accounting
Infrastructure Access Controls
    Why Segment a Network?
    What Is Layered Border Security?
    Remote Access Security
User Access Controls
    Why Manage User Access?
    What Types of Access Should Be Monitored?
Summary

Chapter 10: Information Systems Acquisition, Development, and Maintenance
System Security Requirements
    What Is SDLC?
    What About Commercially Available or Open Source Software?
    The Testing Environment
    Protecting Test Data
Secure Code
    The Open Web Application Security Project (OWASP)
Cryptography
    Why Encrypt?
    Regulatory Requirements
    What Is a “Key”?
    What Is PKI?
    Why Protect Cryptographic Keys?
    Digital Certificate Compromise
Summary

Chapter 11: Cybersecurity Incident Response
Incident Response
    What Is an Incident?
    How Are Incidents Reported?
    What Is an Incident Response Program?
    The Incident Response Process
    Tabletop Exercises and Playbooks
    Information Sharing and Coordination
    Computer Security Incident Response Teams
    Product Security Incident Response Teams (PSIRTs)
    Incident Response Training and Exercises
What Happened? Investigation and Evidence Handling
    Documenting Incidents
    Working with Law Enforcement
    Understanding Forensic Analysis
Data Breach Notification Requirements
    Is There a Federal Breach Notification Law?
    Does Notification Work?
Summary

Chapter 12: Business Continuity Management
Emergency Preparedness
    What Is a Resilient Organization?
    Regulatory Requirements
Business Continuity Risk Management
    What Is a Business Continuity Threat Assessment?
    What Is a Business Continuity Risk Assessment?
    What Is a Business Impact Assessment?
The Business Continuity Plan
    Roles and Responsibilities
    Disaster Response Plans
    Operational Contingency Plans
    The Disaster Recovery Phase
    The Resumption Phase
Plan Testing and Maintenance
    Why Is Testing Important?
    Plan Maintenance
Summary

Chapter 13: Regulatory Compliance for Financial Institutions
The Gramm-Leach-Bliley Act
    What Is a Financial Institution?
    Regulatory Oversight
    What Are the Interagency Guidelines?
New York’s Department of Financial Services Cybersecurity Regulation (23 NYCRR Part 500)
What Is a Regulatory Examination?
    Examination Process
    Examination Ratings
Personal and Corporate Identity Theft
    What Is Required by the Interagency Guidelines Supplement A?
    What Is Required by the Supplement to the Authentication in an Internet Banking Environment Guidance?
Summary

Chapter 14: Regulatory Compliance for the Health-Care Sector
The HIPAA Security Rule
    What Is the Objective of the HIPAA Security Rule?
    How Is the HIPAA Security Rule Organized?
    What Are the Physical Safeguards?
    What Are the Technical Safeguards?
    What Are the Organizational Requirements?
    What Are the Policies and Procedures Standards?
    The HIPAA Security Rule Mapping to NIST Cybersecurity Framework
The HITECH Act and the Omnibus Rule
    What Changed for Business Associates?
    What Are the Breach Notification Requirements?
Understanding the HIPAA Compliance Enforcement Process
Summary

Chapter 15: PCI Compliance for Merchants
Protecting Cardholder Data
    What Is the PAN?
    The Luhn Algorithm
    What Is the PCI DSS Framework?
    Business-as-Usual Approach
    What Are the PCI Requirements?
PCI Compliance
    Who Is Required to Comply with PCI DSS?
    What Is a Data Security Compliance Assessment?
    What Is the PCI DSS Self-Assessment Questionnaire (SAQ)?
    Are There Penalties for Noncompliance?
Summary

Chapter 16: NIST Cybersecurity Framework
Introducing the NIST Cybersecurity Framework Components
The Framework Core
    Identify
    Protect
    Detect
    Respond
    Recover
Framework Implementation Tiers (“Tiers”)
    Who Should Coordinate the Framework Implementation?
NIST’s Recommended Steps to Establish or Improve a Cybersecurity Program
Communication with Stakeholders and Supply Chain Relationships
NIST’s Cybersecurity Framework Reference Tool
Adopting the NIST Cybersecurity Framework in Real Life
Summary

Appendix A: Cybersecurity Program Resources
Appendix B: Answers to the Multiple Choice Questions
