LEADER 05407nam  22006495  450 
001 9910800115103321
005 20240116205407.0
010   $a3-031-43118-9
024 7 $a10.1007/978-3-031-43118-0
035   $a(MiAaPQ)EBC31072033
035   $a(Au-PeEL)EBL31072033
035   $a(DE-He213)978-3-031-43118-0
035   $a(EXLCZ)9929958290700041
100   $a20240116d2024      u|             0
101 0 $aeng
135   $aurcnu||||||||
181   $ctxt$2rdacontent
182   $cc$2rdamedia
183   $acr$2rdacarrier
200 10$aInformation Security Planning$b[electronic resource] $eA Practical Approach /$fby Susan Lincke
205   $a2nd ed. 2024.
210  1$aCham :$cSpringer International Publishing :$cImprint: Springer,$d2024.
215   $a1 online resource (446 pages)
311 08$aPrint version: Lincke, Susan Information Security Planning Cham : Springer International Publishing AG,c2024 9783031431173 
327   $aPart. I. The Problem of Security -- Chapter. 1. Security Awareness: Brave New World -- Chapter. 2. Combatting Fraud -- Chapter. 3. Complying with the PCI DSS Standard -- Part. II. Strategic Security Planning -- Chapter. 4. Managing Risk -- Chapter. 5. Addressing Business Impact Analysis and Business Continuity -- Chapter. 6. Governing: Policy, Maturity Models and Planning -- Part. III. Tactical Security Planning -- Chapter. 7. Designing Information Security -- Chapter. 8. Planning for Network Security -- Chapter. 9. Designing Physical Security -- Chapter. 10. Attending to Information Privacy -- Chapter. 11. Planning for Alternative Networks: Cloud Security and Zero Trust -- Chapter. 12. Organizing Personnel Security -- Part. IV. Planning for Detect, Respond, Recover -- Chapter. 13. Planning for Incident Response -- Chapter. 14. Defining Security Metrics -- Chapter. 15. Performing an Audit or Security Test -- Chapter. 16. Preparing for Forensic Analysis -- Part. V. Complying with National Regulations and Ethics -- Chapter. 17. Complying with the European Union General Data Protection Regulation (GDPR) -- Chapter. 18. Complying with U.S. Security Regulations -- Chapter. 19. Complying with HIPAA and HITECH -- Chapter. 20. Maturing Ethical Risk -- Part. VI. Developing Secure Software -- Chapter. 21. Understanding Software Threats and Vulnerabilities -- Chapter. 22. Defining a Secure Software Process -- Chapter. 23. Planning for Secure Software Requirements and Design with UML.
330   $aThis book demonstrates how information security requires a deep understanding of an organization's assets, threats and processes, combined with the technology that can best protect organizational security. It provides step-by-step guidance on how to analyze business processes from a security perspective, while also introducing security concepts and techniques to develop the requirements and design for security technologies. This interdisciplinary book is intended for business and technology audiences, at student or experienced levels. Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation and security standards. This international edition covers Payment Card Industry Data Security Standard (PCI DSS), American security regulation, and European GDPR. Developing a risk profile helps to estimate the potential costs that an organization may be prone to, including how much should be spent on security controls. Security planning then includes designing information security, as well as network and physical security, incident response and metrics. Business continuity considers how a business may respond to the loss of IT service. Optional areas that may be applicable include data privacy, cloud security, zero trust, secure software requirements and lifecycle, governance, introductory forensics, and ethics. This book targets professionals in business, IT, security, software development or risk. This text enables computer science, information technology, or business students to implement a case study for an industry of their choosing.
606   $aComputer security
606   $aData protection
606   $aData protection$xLaw and legislation
606   $aBusiness information services
606   $aComputers$xLaw and legislation
606   $aInformation technology$xLaw and legislation
606   $aPrinciples and Models of Security
606   $aData and Information Security
606   $aPrivacy
606   $aBusiness Information Systems
606   $aLegal Aspects of Computing
615  0$aComputer security.
615  0$aData protection.
615  0$aData protection$xLaw and legislation.
615  0$aBusiness information services.
615  0$aComputers$xLaw and legislation.
615  0$aInformation technology$xLaw and legislation.
615 14$aPrinciples and Models of Security.
615 24$aData and Information Security.
615 24$aPrivacy.
615 24$aBusiness Information Systems.
615 24$aLegal Aspects of Computing.
676   $a005.8
700   $aLincke$b Susan$01059432
801  0$bMiAaPQ
801  1$bMiAaPQ
801  2$bMiAaPQ
906   $aBOOK
912   $a9910800115103321
996   $aInformation Security Planning$93874437
997   $aUNINA