book

Developing Cybersecurity Programs and Policies, 3rd Edition

by Omar Santos, Sari Greene

August 2018

Intermediate to advanced

672 pages

19h 24m

English

Pearson

Start your free trial

Related skills

Security

Associated roles

C++ developer
Cybersecurity engineer
Go developer
Java developer

Penetration tester
Python developer
SRE
Tech lead

+4 more

Information Security vs. Cybersecurity PoliciesLooking at Policy Through the AgesCybersecurity PolicyCybersecurity Policy Life CycleSummaryTest Your Skills
Policy HierarchyWriting Style and TechniquePolicy FormatSummaryTest Your Skills
Confidentiality, Integrity, and AvailabilityNIST’s Cybersecurity FrameworkSummaryTest Your Skills
Understanding Cybersecurity PoliciesCybersecurity RiskSummaryTest Your Skills
Information Assets and SystemsInformation ClassificationLabeling and Handling StandardsInformation Systems InventoryUnderstanding Data Loss Prevention TechnologiesSummaryTest Your Skills
The Employee Life CycleThe Importance of Employee AgreementsThe Importance of Security Education and TrainingSummaryTest Your Skills
Understanding the Secure Facility Layered Defense ModelProtecting EquipmentSummaryTest Your Skills
Standard Operating ProceduresOperational Change ControlMalware ProtectionData ReplicationSecure MessagingActivity Monitoring and Log AnalysisService Provider OversightThreat Intelligence and Information SharingSummaryTest Your Skills
Access Control FundamentalsInfrastructure Access ControlsUser Access ControlsSummaryTest Your Skills
System Security RequirementsSecure CodeCryptographySummaryTest Your Skills
Incident ResponseWhat Happened? Investigation and Evidence HandlingData Breach Notification RequirementsSummaryTest Your Skills
Emergency PreparednessBusiness Continuity Risk ManagementThe Business Continuity PlanPlan Testing and MaintenanceSummaryTest Your Skills
The Gramm-Leach-Bliley ActNew York’s Department of Financial Services Cybersecurity Regulation (23 NYCRR Part 500)What Is a Regulatory Examination?Personal and Corporate Identity TheftSummaryTest Your Skills
The HIPAA Security RuleThe HITECH Act and the Omnibus RuleUnderstanding the HIPAA Compliance Enforcement ProcessSummaryTest Your Skills
Protecting Cardholder DataPCI ComplianceSummaryTest Your Skills
Introducing the NIST Cybersecurity Framework ComponentsThe Framework CoreFramework Implementation Tiers (“Tiers”)NIST’s Recommended Steps to Establish or Improve a Cybersecurity ProgramNIST’s Cybersecurity Framework Reference ToolAdopting the NIST Cybersecurity Framework in Real LifeSummaryTest Your Skills

Content preview from Developing Cybersecurity Programs and Policies, 3rd Edition

Chapter 6 Human Resources Security

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

Define the relationship between cybersecurity and personnel practices.
Recognize the stages of the employee life cycle.
Describe the purpose of confidentiality and acceptable use agreements.
Understand appropriate security education, training, and awareness programs.
Create personnel-related security policies and procedures.

Is it possible that people are simultaneously an organization’s most valuable asset and their most dangerous threat? Study after study cites people as the weakest link in cybersecurity. Because cybersecurity is primarily a people-driven process, it is imperative that the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Developing Cybersecurity Programs and Policies in an AI-Driven World, 4th Edition

Omar Santos

Security Program and Policies: Principles and Practices, Second Edition

Sari Greene

Cybersecurity – Attack and Defense Strategies, 3rd edition - Third Edition

Yuri Diogenes, Dr. Erdal Ozkaya

Security Policies and Implementation Issues, 3rd Edition

Robert Johnson, Chuck Easttom

Publisher Resources

ISBN: 9780134858623

Chapter 6

Human Resources Security