This is a breakdown of the NIST risk management framework process for cybersecurity professionals getting into security compliance. It is written in layman's terms, without the convoluted way it is described in the NIST SP 800-37 revision 2. It goes into what the information system security officer does at each step in the process and where their attention should be focused. Although the main focus is on implementation of the NIST 800 RMF process, this book covers many of the main concepts on certifications, such as the ISC2 CAP.

Eleventh Hour CISSP®: Study Guide, Third Edition, provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted. This new edition is aligned to cover all material in the most current version of the exam’s Common Body of Knowledge.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos "Rock" Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

With cyberattacks resulting in often devastating results, it’s no wonder executives hire the best and brightest of the IT world for protection. But are you doing enough? Do you understand your risks? What if the brightest aren’t always the best choice for your company? In The Smartest Person in the Room, Christian Espinosa shows you how to leverage your company’s smartest minds to your benefit and theirs. Learn from Christian’s own journey from cybersecurity engineer to company CEO.

Cybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.

Get complete coverage of all objectives included on the CompTIA Security+ exam SY0-601 from this comprehensive resource. Written by a team of leading information security experts, this authoritative guide fully addresses the skills required to perform essential security functions and to secure hardware, systems, and software. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations.

Essential CISA has been made with a single goal in mind - to present the CISA material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so when it comes time to take the CISA exam, you are ready!

In A Leader's Guide to Cybersecurity, Thomas Parenty and Jack Domet, who've spent over three decades in the field, present a timely, clear-eyed, and actionable framework that will empower senior executives and board members to become stewards of their companies' cybersecurity activities. Filled with tools, best practices, and strategies, A Leader's Guide to Cybersecurity will help boards navigate this seemingly daunting but extremely necessary transition.

Essential CISM has been written with a single goal in mind - to present the CISM material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so that when it comes time to take the CISM exam, you are ready! The book is broken down into two sections. Section 1 covers basic concepts you will need to understand before hitting each domain. The CISM official exam guide is redundant across the domains, and so in this book you will encounter each topic once instead of having to rehash the same subject in different ways.

Part one of this audiobook delivers a variety of computer networking-related topics to be easily understood by beginners. In part two, you will take a journey into the world of cybercrimes and cybersecurity. The topics outlined in this audiobook are delivered in a language easy to understand and constantly piquing your interest so that you will want to explore the topics presented even more.

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. This Ransomware Profile identifies the Cybersecurity Framework Version 1.1 security objectives that support identifying, protecting against, detecting, responding to, and recovering from ransomware events. The profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.