Information Governance

It is estimated that standard computer-based defense systems catch only 25 percent of malware attacks. Do you know the risks you’re running online? Are you protected? An Introduction to Hacking and Crimeware answers your concerns and provides a foundation-level overview of the dark world of cybercrime. This is a comprehensive guide to more serious online threats. Knowledge of these threats will help you understand how to ensure that your computer systems are protected and make sure that your business is safe, enabling you to focus on your core activities without fear of attack.

Navigating the complex terrain of SOC2 compliance can be a daunting task. "A Step-by-Step Guide to SOC2 Type 1 Attestation and Type 2 Certification" is your trusted companion on this journey, offering a comprehensive, accessible, and practical roadmap to achieving and maintaining SOC2 compliance. Penned by renowned information security expert, Russell D. Nomer, CISSP, this guide leverages over 30 years of experience and delivers invaluable insights in an engaging and reader-friendly manner. From understanding the importance of SOC2 attestation to conducting successful audits and mitigating ...

In "The CISO's guide to Surviving Machiavellian Politics", Russell D. Nomer, CISSP draws upon the combination of academic lessons and his own unique experiences and observations to share lessons learned from: Over three decades of technology and security consulting spanning multiple industries Studying Political Communications, Political Science and Politics & Values at The George Washington University Completing Morton Blackwell Leadership Institute Training Obtaining a Bachelor of Science Degree with honors in Security Systems from SUNY Farmingdale Obtaining a CISSP Obtaining ITIL ...

Based on insights gained from academic research, as well as interviews with UK-based security professionals from various sectors, The Psychology of Information Security describes how resolving conflicts between security compliance and human behavior explains the importance of careful risk management and how to align a security program with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.

"Information Security and Cybersecurity Frameworks 101", provides a comprehensive guide to understanding and implementing information security and cybersecurity frameworks. The book covers popular frameworks, such as ISO/IEC 27001, NIST Cybersecurity Framework, and Center for Internet Security (CIS) Critical Security Controls, and provides guidance on selecting and implementing the appropriate framework for an organization's specific needs and challenges. The book also includes case studies and lessons learned, as well as a section on emerging trends and technologies. With a focus on the ...

Written by an acknowledged expert on the ISO/IEC 27001 standard, ISO 27001: 2022–An Introduction to Information Security and the ISMS Standard is an ideal primer for anyone implementing an information security management system aligned to ISO 27001: 2022.

Created for IT service managers, consultants, and other practitioners in IT governance, risk management, and compliance, this practical book discusses all the key concepts of COBIT® 5 and explains how to direct the governance of enterprise IT (GEIT) using the COBIT®5 framework. Drawing on more than 30 years of experience in the IT sector, the author explains the main frameworks and standards supporting GEIT, discusses the ideas of enterprise and governance, and describes the path from corporate governance to the governance of enterprise IT.

"Conquer the CISA Exam: Your Guide to Success as a Certified Information Systems Auditor" is an essential resource for anyone aiming to achieve the prestigious CISA certification. This comprehensive guide covers all the critical domains of the CISA exam, including Information Systems Auditing Process, Governance and Management of IT, Information Systems Acquisition, Development and Implementation, Information Systems Operations and Business Resilience, and Protection of Information Assets. The book begins with an overview of the CISA certification and its importance in the field of ...

In a world where the institutions we rely on can suddenly fail, where society’s fragile fabric can unravel, and where collapse—whether through conflict, natural disaster, or systemic breakdown—becomes a reality, we face a choice: to succumb to the chaos or rise above it. Surviving the Collapse is not just a manual for surviving the worst—it’s a guide to leading, thriving, and rebuilding in the face of destruction. Surviving the Collapse is for the citizen defenders, the leaders, and the communities who refuse to be defined by the collapse of the world around them. Drawing from ...

"Conquer the CISM Exam: Your Guide to Success as a Certified Information Security Manager" is an essential resource for anyone aiming to achieve the prestigious CISM certification. This comprehensive guide covers all critical domains of the CISM exam, including Information Security Governance, Information Risk Management, Information Security Program Development and Management, and Information Security Incident Management. The book begins with an overview of the CISM certification and its importance in the field of information security management. It then delves into each domain in detail, ...

Just because we can do something, does that mean we should do it? While embracing the promise of technological advances and data-driven decision-making, a democratic society also must acknowledge and address potential harms to individuals, populations, and society as a whole. In this data ethics “playbook,” data governance practitioner and educator Kathy Rondon lays out potential problems in our collection, sharing, use, and retention of data; how those problems can negatively impact more than just an individual person’s privacy; and the questions we should be asking of ourselves and ...

Gain confidence in regulatory compliance, drive effective infotech investment, and uplift organizational knowledge for effective data governance. Based on the authors’ extensive experience and reinforced with case studies, this book presents their award-winning framework of business tools and techniques. It provides a 4-point strategy for achieving business-driven information governance aligned with business risk management to ensure the delivery of quality and reliable information. Master a structured approach to sharing knowledge and defining business terms by removing ambiguous ...

Integrating and managing the services of multiple third-party IT service providers is becoming increasingly popular, but there is no formal best-practice guidance for service integration and management (SIAM). This book provides clear guidance on the SIAM process, answering questions on what service integration is, when SIAM is applicable, and what approach should be taken when sourcing ITSM services in a multi-sourced environment.