Information Security

In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job. Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further.

Do you need a thorough but straightforward breakdown of the NIST Cybersecurity Framework v1.0? This TWO-BOOK BUNDLE gives a working explanation of the NIST CSF and a method of practical application. Equip yourself with a dual weapon against cyber threats – a theoretical understanding and actionable strategies. Whether you're a cybersecurity novice or a seasoned expert, this 2-in-1 bundle is a must-have resource.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex study guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response.

Andrew J. Stewart convincingly shows that emergency software patches and new security products cannot provide the solution to threats such as computer hacking, viruses, software vulnerabilities, and electronic spying. Profound underlying structural problems must first be understood, confronted, and then addressed.

"Information Security and Cybersecurity Frameworks 101", provides a comprehensive guide to understanding and implementing information security and cybersecurity frameworks. The book covers popular frameworks, such as ISO/IEC 27001, NIST Cybersecurity Framework, and Center for Internet Security (CIS) Critical Security Controls, and provides guidance on selecting and implementing the appropriate framework for an organization's specific needs and challenges. The book also includes case studies and lessons learned, as well as a section on emerging trends and technologies. With a focus on the ...

"Conquer the CISSP Exam: Your Guide to Success as a Certified Information Systems Security Professional" is your comprehensive resource for mastering the Certified Information Systems Security Professional (CISSP) exam. This guide offers a deep dive into each of the eight CISSP domains, providing clear explanations and practical insights to ensure you understand and can apply key concepts. Covering topics such as Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security ...

"Mastering Information Security: A Comprehensive Guide to Implementing ISO 27000 Series" is a definitive exploration of the intricate realm of information security, authored by the seasoned expert Russell D. Nomer, CISSP. In an era where data breaches and cyber threats loom larger than ever, this book stands as a beacon of knowledge, guiding professionals, technology experts, and business leaders through the complexities of safeguarding digital assets. With over three decades of experience in the field, Russell D. Nomer, a Certified Information Systems Security Professional (CISSP), lends ...

Based on insights gained from academic research, as well as interviews with UK-based security professionals from various sectors, The Psychology of Information Security describes how resolving conflicts between security compliance and human behavior explains the importance of careful risk management and how to align a security program with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

Our data is besieged daily in the information economy, leading to hidden AI harms. Companies can do this because our laws are built on outdated ideas that trap lawmakers, regulators, and courts into wrong assumptions, resulting in ineffective approaches to one of the most pressing concerns of our generation. Drawing on behavioral science, social data science, and economics, this book dispels enduring misconceptions about AI-driven interactions. Its exploration offers a view of why current regulations fail to protect us against digital harms, particularly those created by AI.

Unlock the secrets to mastering the NIST 800 risk management process in record time with this powerful 2-in-1 bundle! Introducing Information Systems Security NIST 800 2-in-1, featuring both RMF ISSO Foundation Guide and RMF ISSO: NIST 800-53. This comprehensive series is your ultimate roadmap to success, designed to simplify the complexities of NIST 800-53 security controls and show you the actionable steps required throughout the RMF process.

In The DevSecOps Playbook: Deliver Continuous Security at Speed, the chief information and information security officer at Wiley, Sean D. Mack, delivers an insightful and practical discussion of how to keep your business secure. You'll learn how to leverage the classic triad of people, process, and technology to build strong cybersecurity infrastructure and practices. You'll also discover the shared responsibility model at the core of DevSecOps as you explore the principles and best practices that make up contemporary frameworks.

Every organization today faces an ever-changing set of threats in this digital landscape. Understanding how to develop a functional information security program to protect your organization’s reputation and brand from being tarnished due to a breach of your company’s sensitive information is more critical than ever. Developing a functional program that sets up the best information security practices across the organization’s operational workflows, is the leading practice for protecting against a possible breach.

Kali Purple is a comprehensive security tool that combines offensive and defensive methodologies, providing a versatile platform for vulnerability assessment and penetration testing. Originating from Kali Linux, it combines aggressive tactics with vigilant defenses, embodying the purple teaming concept. This book aims to serve as a comprehensive guide for mastering Kali Purple, catering to both beginners and seasoned professionals. It covers various aspects of security, including application, database, wireless, and cloud security. Beyond technical aspects, it also discusses social ...

It’s easy to find descriptions of what threat intelligence is. But it’s harder to learn how to use it to truly make your organization safe from cybercriminals. How can threat intelligence strengthen all the teams in a cybersecurity organization? This audiobook answers this question. It reviews the kinds of threat intelligence that are useful to security teams and how each team can use that intelligence to solve problems and address challenges.

Are you ready to revolutionize your organization’s approach to cybersecurity and learn GRC? In a world where threats evolve faster than ever, achieving robust Governance, Risk Management, and Compliance (GRC) is no longer optional—it’s essential. Yet, countless organizations struggle to bridge the gap between lofty compliance standards and practical implementation. Imagine having a proven roadmap that transforms the complexities of cybersecurity frameworks into a clear, actionable plan tailored to your organization’s unique needs while giving you a practical understanding of GRC. ...

Embark on a transformative journey with the Ultimate CISSP Exam Study Guide: 500 Concise Questions for Cybersecurity Mastery. This comprehensive eBook redefines your exam preparation by delivering 500 expertly crafted questions and 50-word answers covering every critical CISSP domain. Whether you’re a seasoned professional or a cybersecurity novice, this guide is your ultimate resource for mastering the complex world of information security. This isn’t just another study guide—it’s a practical toolkit that challenges your understanding, reinforces essential concepts, and sharpens ...

Salesforce, the world's leading CRM platform, is trusted by thousands of businesses to manage their sales, marketing, and customer service operations. Recognizing the critical importance of security, Salesforce has built an extensive array of security features into its platform. These features span various aspects of security, including user authentication and authorization, data encryption and privacy, network security, and secure development practices. Salesforce also invests heavily in continuous security improvements, regularly releasing updates and enhancements to help organizations ...

We live in an interconnected world, where security problems like terrorism are spilling across borders, and globalized data networks and e-commerce platforms are reshaping the world economy. This means that states' jurisdictions and rule systems clash. How have they negotiated their differences over freedom and security? Of Privacy and Power investigates how the European Union and United States, the two major regulatory systems in world politics, have regulated privacy and security, and how their agreements and disputes have reshaped the transatlantic relationship.