This book demonstrates how information security requires a deep understanding of organizations assets, threats, and processes, combined with security measures that can best protect their information security. In today’s digital world, a rigorous security approach is central to defend organizations digital systems, networks, and infrastructure resources from malicious threat incidents. Thus, the book demonstrates how information security requires a deep understanding of organizations assets, threats, and processes, combined with security measures that can best protect their information security. It provides step-by-step guidance on how to analyze organizational processes from a security perspective, while also introducing international security concepts and techniques with their requirements designing security strategies. Hence, this interdisciplinary book is intended for business and technology audiences as a professional book in the context of security trends, principles, methods, techniques, applications and best practices to help the reader mastering the material required defending against malicious threat risk incidents.
Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation standards. This international edition covers relevant international security standards for business application sectors and provide security controls and security planning. Security planning includes information security, network and physical security, incident response and metrics, to achieve business continuity, which include data privacy, cloud security, zero trust, secure software requirements and lifecycle, security by design and default, and artificial intelligence in security. To deal with this complexity this book includes a section on security maturity maturity level analysis.
This book targets professionals in business, IT, security, software development or security risk analysis as a reference book and advanced-level computer science students as a secondary textbook, to develop an own security plan. This book also enables computer science, information technology, or business students to implement a case study or a best practice example or a strategic security planning for an application domain of their choosing.