Cyber resilience - Defence-in-depth principles

Author: Alan Calder

Publisher: IT Governance Ltd

Published: 2023-08-10

Total Pages: 142

ISBN-13: 1787784398

We live in a world where technology and vast quantities of data play a considerable role in everyday life, both personal and professional. For the foreseeable future (and perhaps beyond), the growth and prominence of data in business shows no signs of slowing down, even if the technology in question will likely change in ways perhaps unimaginable today. Naturally, all this innovation brings huge opportunities and benefits to organisations and people alike. However, these come at more than just a financial cost. In the world as we know it, you can be attacked both physically and virtually. For today’s organisations, which rely so heavily on technology – particularly the Internet – to do business, the latter attack is the far more threatening of the two.

The cyber threat landscape is complex and constantly changing. For every vulnerability fixed, another pops up, ripe for exploitation. Worse, when a vulnerability is identified, a tool that can exploit it is often developed and used within hours – faster than the time it normally takes for the vendor to release a patch, and certainly quicker than the time many organisations take to install that patch.

This book has been divided into two parts:

Part 1: Security principles.
Part 2: Reference controls.

Part 1 is designed to give you a concise but solid grounding in the principles of good security, covering key terms, risk management, different aspects of security, defence in depth, implementation tips, and more. This part is best read from beginning to end.

Part 2 is intended as a useful reference, discussing a wide range of good-practice controls (in alphabetical order) you may want to consider implementing. Each control is discussed at a high level, focusing on the broader principles, concepts and points to consider, rather than specific solutions. Each control has also been written as a stand-alone chapter, so you can just read the controls that interest you, in an order that suits you.


IT Governance – An international guide to data security and ISO 27001/ISO 27002, Eighth edition

Author: Alan Calder

Publisher: IT Governance Ltd

Published: 2024-07-03

Total Pages: 486

ISBN-13: 1787784096

Recommended textbook for the Open University’s postgraduate information security course and the recommended text for all IBITGQ ISO 27001 courses.

In this updated edition, renowned ISO 27001/27002 experts Alan Calder and Steve Watkins:

• Discuss the ISO 27001/27002:2022 updates;
• Provide guidance on how to establish a strong IT governance system and an ISMS (information security management system) that complies with ISO 27001 and ISO 27002;
• Highlight why data protection and information security are vital in our ever-changing online and physical environments;
• Reflect on changes to international legislation, e.g. the GDPR (General Data Protection Regulation); and
• Review key topics such as risk assessment, asset management, controls, security, supplier relationships and compliance.

Fully updated to align with ISO 27001/27002:2022

IT Governance – An international guide to data security and ISO 27001/ISO 27002, Eighth edition provides:

• Expert information security management and governance guidance based on international best practice;
• Guidance on how to protect and enhance your organisation with an ISO 27001:2022-compliant ISMS; and
• Discussion around the changes to international legislation, including ISO 27001:2022 and ISO 27002:2022.

As cyber threats continue to increase in prevalence and ferocity, it is more important than ever to implement a secure ISMS to protect your organisation. Certifying your ISMS to ISO 27001 and ISO 27002 demonstrates to customers and stakeholders that your organisation is handling data securely.


Countering Cyber Sabotage

Author: Andrew A. Bochman

Publisher: CRC Press

Published: 2021-01-20

Total Pages: 232

ISBN-13: 1000292975

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.


Cyber Resilience: Building Resilient Systems Against Cyber Threats

Author: Michael Roberts

Publisher: Richards Education

Published:

Total Pages: 158

ISBN-13:

In an era where cyber threats are ever-evolving and increasingly sophisticated, organizations must prioritize cyber resilience to protect their assets and ensure business continuity. "Cyber Resilience: Building Resilient Systems Against Cyber Threats" is a comprehensive guide that equips businesses, IT professionals, and cybersecurity leaders with the knowledge and strategies to develop robust systems capable of withstanding and recovering from cyber incidents. This book covers a wide range of topics, from understanding the threat landscape to implementing effective response and recovery plans. Through detailed explanations, practical insights, and real-world case studies, this handbook offers a holistic approach to achieving cyber resilience and safeguarding your organization against cyber adversaries.


Effective Model-Based Systems Engineering

Author: John M. Borky

Publisher: Springer

Published: 2018-09-08

Total Pages: 788

ISBN-13: 3319956698

This textbook presents a proven, mature Model-Based Systems Engineering (MBSE) methodology that has delivered success in a wide range of system and enterprise programs. The authors introduce MBSE as the state of the practice in the vital Systems Engineering discipline that manages complexity and integrates technologies and design approaches to achieve effective, affordable, and balanced system solutions to the needs of a customer organization and its personnel. The book begins with a summary of the background and nature of MBSE. It summarizes the theory behind Object-Oriented Design applied to complex system architectures. It then walks through the phases of the MBSE methodology, using system examples to illustrate key points. Subsequent chapters broaden the application of MBSE in Service-Oriented Architectures (SOA), real-time systems, cybersecurity, networked enterprises, system simulations, and prototyping. The vital subject of system and architecture governance completes the discussion. The book features exercises at the end of each chapter intended to help readers/students focus on key points, as well as extensive appendices that furnish additional detail in particular areas. The self-contained text is ideal for students in a range of courses in systems architecture and MBSE as well as for practitioners seeking a highly practical presentation of MBSE principles and techniques.


Information Technology for Peace and Security

Author: Christian Reuter

Publisher: Springer

Published: 2019-03-12

Total Pages: 425

ISBN-13: 3658256524

This book offers an introduction to Information Technology with regard to peace, conflict, and security research, a topic that it approaches from natural science, technical and computer science perspectives. Following an initial review of the fundamental roles of IT in connection with peace, conflict and security, the contributing authors address the rise of cyber conflicts via information warfare, cyber espionage, cyber defence and Darknets. The book subsequently explores recent examples of cyber warfare, including:

• The Stuxnet attack on Iran’s uranium refining capability
• The hacking of the German Federal Parliament’s internal communication system
• The Wannacry malware campaign, which used software stolen from a US security agency to launch ransomware attacks worldwide

The book then introduces readers to the concept of cyber peace, including a discussion of confidence and security-building measures. A section on Cyber Arms Control draws comparisons to global efforts to control chemical warfare, to reduce the risk of nuclear war, and to prevent the militarization of space. Additional topics include the security of critical information infrastructures, and cultural violence and peace in social media. The book concludes with an outlook on the future role of IT in peace and security.

Information Technology for Peace and Security breaks new ground in a largely unexplored field of study, and offers a valuable asset for a broad readership including students, educators and working professionals in computer science, IT security, peace and conflict studies, and political science.


Cybersecurity Essentials: Protecting Your Digital Assets

Author: Michael Roberts

Publisher: Richards Education

Published:

Total Pages: 153

ISBN-13:

In an increasingly digital world, securing your digital assets has never been more critical. Cybersecurity Essentials: Protecting Your Digital Assets provides a comprehensive guide to understanding and implementing robust cybersecurity measures. This book covers everything from the fundamentals of cybersecurity and network security to data protection, application security, and incident response. Learn about emerging threats and technologies, and discover best practices for building a cybersecurity culture within your organization. Whether you are a seasoned professional or new to the field, this book equips you with the knowledge and tools needed to safeguard your digital world.


Series on Chemical Accidents OECD Guiding Principles for Chemical Accident Prevention, Preparedness and Response - Third Edition

Author: OECD

Publisher: OECD Publishing

Published: 2023-06-16

Total Pages: 180

ISBN-13: 9264928537

Chemical accidents with serious consequences continue to happen in OECD Member countries and worldwide. Over the past decades, successive major accidents have caused deaths, injuries, significant environmental pollution and massive economic losses – from the hydrogen fluoride leak in Gumi (Korea) in 2012, the ammonium nitrate explosion in West, Texas (United States) in 2013 or, recently, the blow-up of a chemical facility in Tarragona (Spain) and the explosion at the port of Beirut (Lebanon) in 2020, and the blast in Leverkusen (Germany) in 2021. This third edition of the OECD Guiding Principles for Chemical Accident Prevention, Preparedness and Response provides guidance for the safe planning and operation of hazardous installations. It aims to support public authorities and industry in taking appropriate actions to prevent chemical accidents and to mitigate impacts of accidents that do nevertheless occur. These guiding principles apply to fixed installations at which hazardous substances are produced, processed, handled, stored, used or disposed of, in such a form and quantity that there might be a risk of occurrence of a chemical accident. These guiding principles constitute the technical guidance supporting the implementation of the Decision-Recommendation of the Council concerning Chemical Accident Prevention, Preparedness and Response adopted in 2023.


Digital Transformation, Cyber Security and Resilience

Author: Todor Tagarev

Publisher: Springer Nature

Published: 2023-12-02

Total Pages: 263

ISBN-13: 303144440X

This volume constitutes revised and selected papers presented at the First International Conference on Digital Transformation, Cyber Security and Resilience, DIGILIENCE 2020, held in Varna, Bulgaria, in September - October 2020. The 17 papers presented were carefully reviewed and selected from the 119 submissions. They are organized in the topical sections as follows: cyber situational awareness, information sharing and collaboration; protecting critical infrastructures and essential services from cyberattacks; big data and artificial intelligence for cybersecurity; advanced ICT security solutions; education and training for cyber resilience; ICT governance and management for digital transformation.