{"product_id":"9780133481174","title":"Security Program and Policies: Principles and Practices","description":"\u003cp\u003e \u003cb\u003eEverything you need to know about information security programs and policies, in one book\u003c\/b\u003e \u003c\/p\u003e  \u003cul\u003e  \u003cli\u003eClearly explains all facets of InfoSec program and policy planning, development, deployment, and management\u003c\/li\u003e  \u003cli\u003eThoroughly updated for today’s challenges, laws, regulations, and best practices\u003c\/li\u003e  \u003cli\u003eThe perfect resource for anyone pursuing an information security management career\u003c\/li\u003e \u003c\/ul\u003e  \u003cp\u003e¿\u003c\/p\u003e  \u003cp\u003eIn today’s dangerous world, failures in information security can be catastrophic. Organizations \u003ci\u003emust\u003c\/i\u003e protect themselves. Protection begins with comprehensive, realistic policies. This up-to-date guide will help you create, deploy, and manage them.\u003c\/p\u003e  \u003cp\u003eComplete and easy to understand, it explains key concepts and techniques through real-life examples. You’ll master modern information security regulations and frameworks, and learn specific best-practice policies for key industry sectors, including finance, healthcare, online commerce, and small business.\u003c\/p\u003e  \u003cp\u003e¿\u003c\/p\u003e  \u003cp\u003eIf you understand basic information security, you’re ready to succeed with this book. You’ll find projects, questions, exercises, examples, links to valuable easy-to-adapt information security policies...everything you need to implement a successful information security program.\u003c\/p\u003e  \u003cp\u003e¿\u003c\/p\u003e  \u003cp\u003e \u003cb\u003eLearn how to\u003c\/b\u003e \u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Establish program objectives, elements, domains, and governance\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Understand policies, standards, procedures, guidelines, and plans—and the differences among them\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Write policies in “plain language,” with the right level of detail\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Apply the Confidentiality, Integrity \u0026amp; Availability (CIA) security model\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Use NIST resources and ISO\/IEC 27000-series standards\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Align security with business strategy\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Define, inventory, and classify your information and systems\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Systematically identify, prioritize, and manage InfoSec risks\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Reduce “people-related” risks with role-based Security Education, Awareness, and Training (SETA)\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Implement effective physical, environmental, communications, and operational security\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Effectively manage access control\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Secure the entire system development lifecycle\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Respond to incidents and ensure continuity of operations\u003c\/p\u003e  \u003cp\u003e·¿¿¿¿¿¿¿¿ Comply with laws and regulations, including GLBA, HIPAA\/HITECH, FISMA, state data security and notification rules, and PCI DSS\u003c\/p\u003e  \u003cp\u003e¿\u003c\/p\u003e","brand":"Pearson Education","offers":[{"title":"Default Title","offer_id":47119498871024,"sku":"9780133481174","price":64.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0737\/7593\/9824\/files\/9780133481174_p0.jpg?v=1763641091","url":"https:\/\/shop-qa.barnesandnoble.com\/products\/9780133481174","provider":"Barnes \u0026 Noble (DEV)","version":"1.0","type":"link"}