MANAGEMENT OF INFORMATION SECURITY, Sixth Edition prepares you to become an information security management practitioner able to secure systems and networks in a world where continuously emerging threats, ever-present attacks and the success of criminals illustrate the weaknesses in current information technologies. You'll develop both the information security skills and practical experience that organizations are looking for as they strive to ensure more secure computing environments. The text focuses on key executive and managerial aspects of information security. It also integrates coverage of CISSP and CISM throughout to effectively prepare you for certification. Reflecting the most recent developments in the field, it includes the latest information on NIST, ISO and security governance as well as emerging concerns like Ransomware, Cloud Computing and the Internet of Things.
Unit I: FOUNDATIONS OF INFORMATION SECURITY.
1. Introduction to Management of Information Security.
2. Compliance: Law and Ethics.
Unit II: STRATEGIC INFORMATION SECURITY MANAGEMENT.
3. Governance and Strategic Planning for Security.
4. Information Security Policy.
5. Developing the Security Program.
6. Risk Management: Identifying and Assessing Risk.
7. Risk Management: Controlling Risk.
Unit III: OPERATIONAL INFORMATION SECURITY MANAGEMENT.
8. Security Management Models.
9. Security Management Practices.
10. Planning for Contingencies.
11. Security Maintenance and the Management of Digital Forensics.
12. Protection Mechanisms.
