This is a breakdown of the NIST risk management framework process for cybersecurity professionals getting into security compliance. It is written in layman's terms, without the convoluted way it is described in the NIST SP 800-37 revision 2. It goes into what the information system security officer does at each step in the process and where their attention should be focused. Although the main focus is on implementation of the NIST 800 RMF process, this book covers many of the main concepts on certifications, such as the ISC2 CAP.

Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing - as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

Eleventh Hour CISSP®: Study Guide, Third Edition, provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted. This new edition is aligned to cover all material in the most current version of the exam’s Common Body of Knowledge.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way. 

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark.

In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos "Rock" Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

Cybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

Essential CISA has been made with a single goal in mind - to present the CISA material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so when it comes time to take the CISA exam, you are ready!

In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who've spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

Essential CISM has been written with a single goal in mind - to present the CISM material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so that when it comes time to take the CISM exam, you are ready! The book is broken down into two sections. Section 1 covers basic concepts you will need to understand before hitting each domain. The CISM official exam guide is redundant across the domains, and so in this book you will encounter each topic once instead of having to rehash the same subject in different ways.

Part one of this audiobook delivers a variety of computer networking-related topics to be easily understood by beginners. In part two, you will take a journey into the world of cybercrimes and cybersecurity. The topics outlined in this audiobook are delivered in a language easy to understand and constantly piquing your interest so that you will want to explore the topics presented even more.

Cyber Wars gives you the dramatic inside stories of some of the world's biggest cyber attacks. These are the game-changing hacks that make organisations around the world tremble and leaders stop and consider just how safe they really are. Charles Arthur provides a gripping account of why each hack happened, what techniques were used, what the consequences were and how they could have been prevented. Cyber attacks are some of the most frightening threats currently facing business leaders, and this book provides a deep insight into understanding how they work.

Everything is a computer. Ovens are computers that make things hot; refrigerators are computers that keep things cold. These computers - from home thermostats to chemical plants - are all online. All computers can be hacked. And Internet-connected computers are the most vulnerable. Forget data theft: Cutting-edge digital attackers can now crash your car, your pacemaker, and the nation’s power grid. In Click Here to Kill Everybody, renowned expert and best-selling author Bruce Schneier examines the hidden risks of this new reality.

The virus now known as Stuxnet was unlike any other piece of malware built before: Rather than simply hijacking targeted computers or stealing information from them, it proved that a piece of code could escape the digital realm and wreak actual, physical destruction—in this case, on an Iranian nuclear facility.

Author of the number one New York Times best seller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America's vulnerability in a terrifying new international conflict -cyber war! Every concerned American should listen to this startling and explosive book that offers an insider's view of White House situation room operations and carries the listener to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation's security.

The inside story of how America's enemies launched a cyberwar against us - and how we've learned to fight back. In this dramatic audiobook, former assistant attorney general John P. Carlin takes listeners to the front lines of a global but little-understood fight as the Justice Department and the FBI chases down hackers, online terrorist recruiters, and spies.

This is a breakdown of the NIST risk management framework process for cybersecurity professionals getting into security compliance. It is written in layman's terms, without the convoluted way it is described in the NIST SP 800-37 revision 2. It goes into what the information system security officer does at each step in the process and where their attention should be focused. Although the main focus is on implementation of the NIST 800 RMF process, this book covers many of the main concepts on certifications, such as the ISC2 CAP.

The NIST Cybersecurity Framework, intelligently designed to synchronize with top-tier industry practices, is a treasure trove for all cybersecurity enthusiasts, IT professionals, or organizational leaders determined to enhance their information systems security. This book, with its ability to translate complex concepts into accessible lessons, has the power to elevate beginners into adept cybersecurity practitioners.

Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in. This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Filled with content to help with both personal and business cybersecurity needs, this book shows you how to lock down your computers, devices, and systems—and explains why doing so is more important now than ever.

Do you need a thorough but straightforward breakdown of the NIST Cybersecurity Framework v1.0? This TWO-BOOK BUNDLE gives a working explanation of the NIST CSF and a method of practical application. Equip yourself with a dual weapon against cyber threats – a theoretical understanding and actionable strategies. Whether you're a cybersecurity novice or a seasoned expert, this 2-in-1 bundle is a must-have resource.

Unlock the secrets to mastering the NIST 800 risk management process in record time with this powerful 2-in-1 bundle! Introducing Information Systems Security NIST 800 2-in-1, featuring both RMF ISSO Foundation Guide and RMF ISSO: NIST 800-53. This comprehensive series is your ultimate roadmap to success, designed to simplify the complexities of NIST 800-53 security controls and show you the actionable steps required throughout the RMF process.