Assessing Information Security

Cybercrime is on the move. It is in a state of constant evolution, capable of adapting both to developments in technology and to whatever security measures its targets have already put in place. It will seek out your weak points in order to exploit them for its own advantage. However, although the people who want to harm your business will try to take you by surprise, they are also bound to have weaknesses of their own. Because the activity of the cybercriminal is both deliberate and hostile, they can be compared to a military adversary. So if you want to defend yourself from cybercrime you can learn from military strategy. Fighting cybercrime is about more than bureaucracy and compliance. Your companys approach to information security has to be integrated with your overall business goals. The people at the top have to provide leadership, while the people at the bottom need to understand the companys information security policy and be able to show initiative when faced with an unexpected attack. If you want to take active steps to deter the cybercriminal, then this book is for you. It will help you plan the right strategy for defending your business from cybercrime.

1. Information Security Auditing and Strategy
2. Security Auditing, Governance, Policies and Compliance
3. Security Assessments Classification
4. Advanced Pre-Assessment Planning
5. Security Audit Strategies and Tactics
6. Synthetic Evaluation of Risks
7. Presenting the Outcome and Follow-Up Acts
8. Reviewing Security Assessment Failures and Auditor Management Strategies

A Vladimirov, K Gavrilenko, A Michajlowski