book

Developing Cybersecurity Programs and Policies, 3rd Edition

by Omar Santos, Sari Greene

August 2018

Intermediate to advanced

672 pages

19h 24m

English

Pearson

Read now

Unlock full access

Information Security vs. Cybersecurity PoliciesLooking at Policy Through the AgesCybersecurity PolicyCybersecurity Policy Life CycleSummaryTest Your Skills
Policy HierarchyWriting Style and TechniquePolicy FormatSummaryTest Your Skills
Confidentiality, Integrity, and AvailabilityNIST’s Cybersecurity FrameworkSummaryTest Your Skills
Understanding Cybersecurity PoliciesCybersecurity RiskSummaryTest Your Skills
Information Assets and SystemsInformation ClassificationLabeling and Handling StandardsInformation Systems InventoryUnderstanding Data Loss Prevention TechnologiesSummaryTest Your Skills
The Employee Life CycleThe Importance of Employee AgreementsThe Importance of Security Education and TrainingSummaryTest Your Skills
Understanding the Secure Facility Layered Defense ModelProtecting EquipmentSummaryTest Your Skills
Standard Operating ProceduresOperational Change ControlMalware ProtectionData ReplicationSecure MessagingActivity Monitoring and Log AnalysisService Provider OversightThreat Intelligence and Information SharingSummaryTest Your Skills
Access Control FundamentalsInfrastructure Access ControlsUser Access ControlsSummaryTest Your Skills
System Security RequirementsSecure CodeCryptographySummaryTest Your Skills
Incident ResponseWhat Happened? Investigation and Evidence HandlingData Breach Notification RequirementsSummaryTest Your Skills
Emergency PreparednessBusiness Continuity Risk ManagementThe Business Continuity PlanPlan Testing and MaintenanceSummaryTest Your Skills
The Gramm-Leach-Bliley ActNew York’s Department of Financial Services Cybersecurity Regulation (23 NYCRR Part 500)What Is a Regulatory Examination?Personal and Corporate Identity TheftSummaryTest Your Skills
The HIPAA Security RuleThe HITECH Act and the Omnibus RuleUnderstanding the HIPAA Compliance Enforcement ProcessSummaryTest Your Skills
Protecting Cardholder DataPCI ComplianceSummaryTest Your Skills
Introducing the NIST Cybersecurity Framework ComponentsThe Framework CoreFramework Implementation Tiers (“Tiers”)NIST’s Recommended Steps to Establish or Improve a Cybersecurity ProgramNIST’s Cybersecurity Framework Reference ToolAdopting the NIST Cybersecurity Framework in Real LifeSummaryTest Your Skills

Content preview from Developing Cybersecurity Programs and Policies, 3rd Edition

Chapter 5 Asset Management and Data Loss Prevention

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

Assign information ownership responsibilities.
Develop and use information classification guidelines.
Understand information handling and labeling procedures.
Identify and inventory information systems.
Create and implement asset classification policies.
Understand data loss prevention technologies.

Is it possible to properly protect information if we do not know how much it is worth and how sensitive it is? Until we classify the information, how do we know the level of protection required? Unless we determine the value to the organization, how can we decide the amount of time, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Developing Cybersecurity Programs and Policies in an AI-Driven World, 4th Edition

Omar Santos

Security Program and Policies: Principles and Practices, Second Edition

Sari Greene

Cybersecurity – Attack and Defense Strategies, 3rd edition - Third Edition

Yuri Diogenes, Dr. Erdal Ozkaya

Security Policies and Implementation Issues, 3rd Edition

Robert Johnson, Chuck Easttom

Publisher Resources

ISBN: 9780134858623

Chapter 5

Asset Management and Data Loss Prevention