Information Security Management, 2nd Edition

Book description

Information Security Management, Second Edition arms students with answers to the most critical questions about the fields of cybersecurity. It provides students with references to more in-depth study in areas where they may need to specialize. The Second Edition covers operations—the job of day-to-day cybersecurity tasks—regulations, compliance, laws and policies, research and development, and the creation of software and cyber defenses for security initiatives. Finally, the text covers advanced R&D involved in strategic aspects of security developments for threats that lie on the horizon.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication Page
  5. Contents
  6. Preface
  7. Acknowledgments
  8. About the Author
  9. CHAPTER 1 Introduction to Information and Cybersecurity
    1. 1.1 Introduction to Information and Cybersecurity
    2. 1.2 The Study of Information and Cybersecurity
      1. 1.2.1 Concentrating on the Discipline
      2. 1.2.2 Research and Practice in Cybersecurity
    3. 1.3 Information and Cybersecurity
      1. 1.3.1 Technology and Humans-in-the-Loop
      2. 1.3.2 Information and Cybersecurity Basic Concepts
    4. 1.4 Information and Cybersecurity Topics
      1. 1.4.1 Key Information and Cybersecurity Concepts
    5. CHAPTER SUMMARY
    6. IMPORTANT TERMS
    7. THINK ABOUT IT
    8. REFERENCES
  10. CHAPTER 2 Information Security Departments and Roles
    1. 2.1 Software Engineering and Development
      1. 2.1.1 DevOps and Software Development Life Cycle
      2. 2.1.2 DevSecOps
      3. 2.1.3 Information Security Management Life Cycle
      4. 2.1.4 The SDLC and Information Security
      5. 2.1.5 Planning: Failures Are a Rule, Not an Exception
    2. 2.2 Life-Cycle Processes
      1. 2.2.1 Life-Cycle Planning Stages
      2. 2.2.2 Life-Cycle Design and Implementation Stages
    3. 2.3 Operations
      1. 2.3.1 NOC/TOC
      2. 2.3.2 Monitoring Infrastructure with IDS
      3. 2.3.3 Maintaining Operational Capabilities
    4. 2.4 Compliance/Governance
      1. 2.4.1 Compliance and Professional Cybersecurity Training
      2. 2.4.2 Compliance and Behavioral Governance
      3. 2.4.3 Compliance Auditing of Systems and Networks
      4. 2.4.4 Compliance and Data Centers
    5. 2.5 Cybersecurity Incidents
      1. 2.5.1 Handling Inevitable Incidents
      2. 2.5.2 Reporting Security Incidents
      3. 2.5.3 Collecting and Preserving Evidence
      4. 2.5.4 Cyberstalking and Harassment Incidents
    6. CHAPTER SUMMARY
    7. IMPORTANT TERMS
    8. THINK ABOUT IT
    9. REFERENCES
  11. CHAPTER 3 Actors and Practices
    1. 3.1 Getting to Know Your Adversary
      1. 3.1.1 The Insider Threat
      2. 3.1.2 Hacktivist
      3. 3.1.3 State-Sponsored Actor
    2. 3.2 Attack Surface
      1. 3.2.1 Network Security Zones
      2. 3.2.2 Zero Trust Networks
    3. 3.3 Some Cybersecurity Attacks and Countermeasures
      1. 3.3.1 DDoS (Distributed Denial of Service)
      2. 3.3.2 Phishing, Vishing, and Smishing
      3. 3.3.3 Cryptojacking
      4. 3.3.4 Ransomware
      5. 3.3.5 Backdoors
    4. 3.4 Some Specific Attack Scenarios
      1. 3.4.1 ICMP Tunnel Attacks
      2. 3.4.2 ICMP Permutation Attacks
      3. 3.4.3 Network Packet, Frame, or Octet Attacks
      4. 3.4.4 DNS Hijacking
    5. CHAPTER SUMMARY
    6. IMPORTANT TERMS
    7. THINK ABOUT IT
    8. REFERENCES
  12. CHAPTER 4 Corporations: Laws, Regulations, and Policies
    1. 4.1 Business Law and Regulations
      1. 4.1.1 Accountability, Responsibility, and Law
      2. 4.1.2 Intellectual Property
    2. 4.2 Organizational Power Structures
      1. 4.2.1 The Management Discipline
      2. 4.2.2 Management Initiatives and Security
      3. 4.2.3 Information Security Management
      4. 4.2.4 Organizational Structure, Principals, and Agency
      5. 4.2.5 Delegation of Responsibilities and Power
      6. 4.2.6 Fiduciary Responsibilities
      7. 4.2.7 Ethics and Ethical Behavior
    3. 4.3 Law and Enforceable Security Policies
      1. 4.3.1 Enforced and Enforceable Security Policies
      2. 4.3.2 Policies and Controls
    4. CHAPTER SUMMARY
    5. IMPORTANT TERMS
    6. THINK ABOUT IT
    7. REFERENCES
  13. CHAPTER 5 Information Security Management
    1. 5.1 Managing Information Security
      1. 5.1.1 ISML and Strategy
      2. 5.1.2 ISML and Governance Frameworks
    2. 5.2 Technology Management and Governance
      1. 5.2.1 Governance and Security Programs
      2. 5.2.2 Enacting Security Programs
    3. 5.3 Control Frameworks
      1. 5.3.1 ITIL / ITSM
      2. 5.3.2 COBIT
      3. 5.3.3 ISO 27K IT Security Control Selection
      4. 5.3.4 NIST 800-53
    4. CHAPTER SUMMARY
    5. IMPORTANT TERMS
    6. THINK ABOUT IT
    7. REFERENCES
  14. CHAPTER 6 Assessing Threats and Vulnerabilities
    1. 6.1 Threat Classifications and Infrastructure
      1. 6.1.1 Internet of Things (IoT)
      2. 6.1.2 Cloud Computing
      3. 6.1.3 Servers and Host Computers
      4. 6.1.4 Networking
      5. 6.1.5 Programming Languages and Resource Files
      6. 6.1.6 RDF and Ontology Markup
      7. 6.1.7 Active Semantic Systems
      8. 6.1.8 Agent Frameworks and Semantic Fusion
    2. 6.2 Threats and Vulnerabilities
      1. 6.2.1 Mobility and Threats
      2. 6.2.2 Interconnectivity and Insecurity
      3. 6.2.3 Security Countermeasures and Unintended Consequences
    3. 6.3 Broad Attack Classifications and Examples
      1. 6.3.1 Information System Attack Examples
      2. 6.3.2 Giving Attackers Information
    4. CHAPTER SUMMARY
    5. IMPORTANT TERMS
    6. THINK ABOUT IT
    7. REFERENCES
  15. CHAPTER 7 Risk Assessments and Risk Management
    1. 7.1 Assessing Risks
      1. 7.1.1 Identifying and Classifying Security Risks
      2. 7.1.2 Cybersecurity Response and Governance
    2. 7.2 Risks and Management
      1. 7.2.1 Risks and Countermeasures
      2. 7.2.2 Hoping for the Best, Planning for the Worst
    3. 7.3 Risk Assessment Overview
      1. 7.3.1 Risk Mitigation
      2. 7.3.2 Cybersecurity Hygiene
    4. 7.4 Risk Determination Frameworks
      1. 7.4.1 Risk Determination and Management Frameworks
      2. 7.4.2 OCTAVE
      3. 7.4.3 NIST 800-30
      4. 7.4.4 Using the Frameworks for Implementing Plans
    5. CHAPTER SUMMARY
    6. IMPORTANT TERMS
    7. THINK ABOUT IT
    8. REFERENCES
  16. CHAPTER 8 Computer Architecture and Security Models
    1. 8.1 Security Models versus Policies
      1. 8.1.1 Computer Architecture and Systems Security
      2. 8.1.2 Security Models and Systems Architecture
      3. 8.1.3 Security Models and Computer Architecture
    2. 8.2 Security Models and Countermeasures
      1. 8.2.1 Security Models, Clark–Wilson Example
      2. 8.2.2 Security Models and Stances
      3. 8.2.3 Countermeasures and Security Models
    3. 8.3 Extending Security with Defense-In-Depth
      1. 8.3.1 Trusted Computing Base (TCB) and Common Criteria
      2. 8.3.2 Evaluation and Certification
      3. 8.3.3 Computer Security Controls
      4. 8.3.4 Threats to Computer Security
    4. 8.4 Computer Security and Hardening Systems
      1. 8.4.1 Ensuring a Trusted Configuration
      2. 8.4.2 Password Protections
      3. 8.4.3 User Authentication
    5. 8.5 Biometrics
      1. 8.5.1 Biometric Uses
      2. 8.5.2 Biometric Security Process and Information Protection
      3. 8.5.3 Biometrics and Errors
      4. 8.5.4 Biometric Errors and Technology
      5. 8.5.5 Biometrics in Computer Security
    6. 8.6 Secure Software Development and DevSecOps
      1. 8.6.1 Secure Systems Development and Implementation
      2. 8.6.2 Computer Security and Configuration Management
    7. CHAPTER SUMMARY
    8. IMPORTANT TERMS
    9. THINK ABOUT IT
    10. REFERENCES
  17. CHAPTER 9 Security Policies and Managing Behaviors
    1. 9.1 Security and Policies
      1. 9.1.1 Security Policies and Employment Law
      2. 9.1.2 Security Policies and Corrective Action
    2. 9.2 Monitoring and Security Policies
      1. 9.2.1 Monitoring as a Policy
      2. 9.2.2 Information Collection and Storage
      3. 9.2.3 Monitoring and Organizational Justice
      4. 9.2.4 Surveillance and Trust
      5. 9.2.5 Virtual Work, Security, and Privacy
    3. 9.3 Managing Security Behaviors
      1. 9.3.1 Organizational Behavior
      2. 9.3.2 Behavior Modification
      3. 9.3.3 Organizational Security Behaviors
      4. 9.3.4 Management of Omission Behaviors
    4. 9.4 Contravention Behaviors, Theory, and Research
      1. 9.4.1 Attacker Motivation, Personality, and Behavior Theory
      2. 9.4.2 Entertainment and Status
      3. 9.4.3 Ideology and Social Acceptance
      4. 9.4.4 Neuroticism, Impulse, and Exploitation
    5. 9.5 Management of Contravention Behaviors
      1. 9.5.1 Responding to the Outside Attacker
      2. 9.5.2 Responding to the Inside Attacker
      3. 9.5.3 Ethics and Employee Attitudes Toward the Law
    6. CHAPTER SUMMARY
    7. IMPORTANT TERMS
    8. THINK ABOUT IT
    9. REFERENCES
  18. CHAPTER 10 Cryptography
    1. 10.1 Cryptography Essentials
      1. 10.1.1 Cryptographic Concepts
      2. 10.1.2 Generating a Simple Cipher Code
      3. 10.1.3 Breaking a Simple Cipher Code
      4. 10.1.4 Ciphertext Dissection and “S” Boxes
      5. 10.1.5 Cryptography and Security Goals
    2. 10.2 Symmetric Cryptography
      1. 10.2.1 Symmetric Ciphers and Keys
      2. 10.2.2 Substitution, Transposition, and Permutation
      3. 10.2.3 Modern Symmetric Ciphers
      4. 10.2.4 Key Issues with Symmetric Cryptography
    3. 10.3 Asymmetric Cryptography
      1. 10.3.1 Private Keys and Asymmetric Cryptography
      2. 10.3.2 Beyond Encrypting Messages
      3. 10.3.3 Key Distribution and PKI
      4. 10.3.4 Public Key Algorithms: RSA as an Example
    4. 10.4 Cryptographic Uses
      1. 10.4.1 IPSec Implementation
      2. 10.4.2 SSL/TLS
      3. 10.4.3 Virtual Private Networks (VPN)
    5. CHAPTER SUMMARY
    6. IMPORTANT TERMS
    7. THINK ABOUT IT
    8. REFERENCES
  19. CHAPTER 11 Network Security, Firewalls, IDS, and SeCM
    1. 11.1 Firewall Systems
      1. 11.1.1 Stateless Screening Filters
      2. 11.1.2 Stateful Packet Inspection
      3. 11.1.3 Circuit Gateway Firewalls
      4. 11.1.4 Application-Layer Firewall
      5. 11.1.5 Bastion Hosts
    2. 11.2 Firewall Architecture
      1. 11.2.1 Belt and Braces Architecture
      2. 11.2.2 Screened Subnet Architecture
      3. 11.2.3 Ontology Based Architecture
    3. 11.3 Cybermonitoring and Scanning Systems
      1. 11.3.1 IDS Detection Methods
      2. 11.3.2 IDSs and IPSs
      3. 11.3.3 Code and Application Scanning
    4. 11.4 Information and Cybersecurity Management
      1. 11.4.1 SeCM and CM
      2. 11.4.2 CM and Computer Security Procedures and Frameworks
      3. 11.4.3 Security Management Planning—System Level
      4. 11.4.4 Configuring to a Secure State
      5. 11.4.5 Managed Enterprises
      6. 11.4.6 Managed Legacy Systems
      7. 11.4.7 Extended Guidelines
      8. 11.4.8 Center for Internet Security Benchmarks
      9. 11.4.9 Maintaining the Secure State
      10. 11.4.10 Conducting a Security Impact Analysis
      11. 11.4.11 Certification and Accreditation
    5. CHAPTER SUMMARY
    6. IMPORTANT TERMS
    7. THINK ABOUT IT
    8. REFERENCES
  20. CHAPTER 12 Information Security Horizons
    1. 12.1 Cybersecurity Analytics and Machine Learning
      1. 12.1.1 Machine Learning and Models
      2. 12.1.2 Machine Learning and Natural Language Processing
      3. 12.1.3 Traffic Analysis
    2. 12.2 Game Theory and Predictive Models
      1. 12.2.1 Inductive Predictions
      2. 12.2.2 Deductive Predictions
      3. 12.2.3 Game Theory and Attack Modeling
    3. 12.3 Reasoning and Inference
      1. 12.3.1 Reasoning Systems
      2. 12.3.2 Ontology and Epistemology
      3. 12.3.3 Inference and the Ontological to Epistemic Transformation
    4. 12.4 Heuristics and AI Decision Systems
      1. 12.4.1 Reasoning: Discrete versus Equivocal Problems
      2. 12.4.2 Synthetic Heuristics
      3. 12.4.3 Issues with Synthetic Heuristic Systems
      4. 12.4.4 Combining Techniques
    5. 12.5 Heuristic Biases and Security Planning
      1. 12.5.1 AI Decisions, Naïve Theories, and Biases
      2. 12.5.2 Interactions of Biases and Framing Effects
      3. 12.5.3 Biases, Framing Effects, and Security Decisions
    6. 12.6 Biologically Inspired Security and Adaptive Systems
      1. 12.6.1 Self-Healing Adaptive Systems
      2. 12.6.2 Damage and Danger
      3. 12.6.3 Trusted Security Kernels
      4. 12.6.4 Social Systems
      5. 12.6.5 Social Systems and Security Adaptation
      6. 12.6.6 Collective Agency, Availability, and Integrity
    7. 12.7 Sociobiologically Inspired Systems—A Final Case
      1. 12.7.1 Novelty as Potential Danger
      2. 12.7.2 Sociobiological Behavior as Goal-Directed Behavior
      3. 12.7.3 Adaptive Synthetic Systems
      4. 12.7.4 Challenges for Ad Hoc Networks and Adaptive Systems
    8. CHAPTER SUMMARY
    9. IMPORTANT TERMS
    10. THINK ABOUT IT
    11. REFERENCES
  21. Appendix: Think About IT Answers
  22. Index

Product information

  • Title: Information Security Management, 2nd Edition
  • Author(s): Michael Workman
  • Release date: October 2021
  • Publisher(s): Jones & Bartlett Learning
  • ISBN: 9781284211672