Information Security

In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job. Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further.

(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex study guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

The Information Security and Privacy Quick Reference: The Essential Handbook for Every CISO, CSO, and Chief Privacy Officer is an updated, convenient, and accurate desk reference for information privacy practitioners who need fast and easy access to the latest guidance, laws, and standards that apply in their field. This book is the most effective resource for information security professionals who need immediate and correct solutions to common and rarely encountered problems.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

Andrew J. Stewart convincingly shows that emergency software patches and new security products cannot provide the solution to threats such as computer hacking, viruses, software vulnerabilities, and electronic spying. Profound underlying structural problems must first be understood, confronted, and then addressed.

Are you struggling to navigate the complexities of the ISO 27001:2022 standard? Look no further! This comprehensive guide, written by renowned cybersecurity expert Bruce Brown, CISSP, CGRC, is your ultimate companion to mastering the world of information security management. While the official ISO 27001:2022 standard provides a concise overview, it often leaves readers craving more detailed insights. At a mere 20 pages and a price tag of 135 EURO, it may not offer the depth and clarity you need.

The information security industry is undergoing a major change, forced by the rise of end-to-end encryption, encryption that cannot be intercepted, transport protocol stack evolution, "zero trust networks", and distributed computing. While we understand the logical connections between these trends, there is little analysis of all of these trends in combination. Examination of all five trends uncovers opportunities that not only improve the state of information security and the general posture, but also lead to resource reductions necessary for information security to be sustainable.

The NIST Cybersecurity Framework, intelligently designed to synchronize with top-tier industry practices, is a treasure trove for all cybersecurity enthusiasts, IT professionals, or organizational leaders determined to enhance their information systems security. This book, with its ability to translate complex concepts into accessible lessons, has the power to elevate beginners into adept cybersecurity practitioners.

Written by an acknowledged expert on the ISO/IEC 27001 standard, ISO 27001: 2022–An Introduction to Information Security and the ISMS Standard is an ideal primer for anyone implementing an information security management system aligned to ISO 27001: 2022.

Cyber risk management is one of the most urgent issues facing enterprises today. This book presents a detailed framework for designing, developing, and implementing a cyber risk management program that addresses your company's specific needs. Ideal for corporate directors, senior executives, security risk practitioners, and auditors at many levels, this guide offers both the strategic insight and tactical guidance you're looking for.

What do you know about hacking a computer system? If you are like most of us, you can't even get into your own computer if you've forgotten the password. The good news is that hacking is actually a lot easier than you think, and anyone can learn how to do it. As long as you are willing to do the work and to work through the steps patiently, you will also be able to hack the systems that you want to.

Do you need a thorough but straightforward breakdown of the NIST Cybersecurity Framework v1.0? This TWO-BOOK BUNDLE gives a working explanation of the NIST CSF and a method of practical application. Equip yourself with a dual weapon against cyber threats – a theoretical understanding and actionable strategies. Whether you're a cybersecurity novice or a seasoned expert, this 2-in-1 bundle is a must-have resource.

Welcome to the first and only book you will ever need on the topic of cyber law and cyber security. learn hacking techniques, cyber law, and white hat operations. Perfect for Beginners: If you’re brand new or an expert in cyber security, you’ll still find this guide a solid purchase to add to your skill set, develop new skills and techniques, or revamp old ones and sharpen yourself with cyber security and cyber law.

Our data is besieged daily in the information economy, leading to hidden AI harms. Companies can do this because our laws are built on outdated ideas that trap lawmakers, regulators, and courts into wrong assumptions, resulting in ineffective approaches to one of the most pressing concerns of our generation. Drawing on behavioral science, social data science, and economics, this book dispels enduring misconceptions about AI-driven interactions. Its exploration offers a view of why current regulations fail to protect us against digital harms, particularly those created by AI.

Based on insights gained from academic research, as well as interviews with UK-based security professionals from various sectors, The Psychology of Information Security describes how resolving conflicts between security compliance and human behavior explains the importance of careful risk management and how to align a security program with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

The Pentester BluePrint: Starting a Career as an Ethical Hacker offers listeners a chance to delve deeply into the world of the ethical, or "white-hat" hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications.

In today's digital age, data is the new currency. Businesses are collecting more information than ever before, and individuals are increasingly concerned about how their personal details are used and protected. This is where the IAPP CIPP/US (Certified Information Privacy Professional/United States) certification steps in, acting as your passport to a thriving career in the ever-evolving field of data privacy.

Every organization today faces an ever-changing set of threats in this digital landscape. Understanding how to develop a functional information security program to protect your organization’s reputation and brand from being tarnished due to a breach of your company’s sensitive information is more critical than ever. Developing a functional program that sets up the best information security practices across the organization’s operational workflows, is the leading practice for protecting against a possible breach.

In The DevSecOps Playbook: Deliver Continuous Security at Speed, the chief information and information security officer at Wiley, Sean D. Mack, delivers an insightful and practical discussion of how to keep your business secure. You'll learn how to leverage the classic triad of people, process, and technology to build strong cybersecurity infrastructure and practices. You'll also discover the shared responsibility model at the core of DevSecOps as you explore the principles and best practices that make up contemporary frameworks.

It is estimated that standard computer-based defense systems catch only 25 percent of malware attacks. Do you know the risks you’re running online? Are you protected? An Introduction to Hacking and Crimeware answers your concerns and provides a foundation-level overview of the dark world of cybercrime. This is a comprehensive guide to more serious online threats. Knowledge of these threats will help you understand how to ensure that your computer systems are protected and make sure that your business is safe, enabling you to focus on your core activities without fear of attack.