Your email was sent successfully. Check your inbox.

An error occurred while sending the email. Please try again.

Proceed reservation?

Export
Filter
  • Calder, Alan  (7)
  • Harich, Thomas W.  (4)
  • Bodmer, Sean  (1)
  • Safari, an O'Reilly Media Company.
  • Computer security ; Management  (7)
  • Data protection ; Standards  (7)
Datasource
Material
Language
Years
Author, Corporation
Publisher
Keywords
  • 1
    Online Resource
    Online Resource
    Technische IT-Security für IT Security Manager : Von Cloud Computing über WLAN bis zu Penetrationstests (2018)
    [Frechen] : mitp Verlags GmbH & Co. KG
    Details
    ISBN: 9783958454439 , 3958454437
    Language: German
    Pages: 1 online resource (1 volume) , illustrations
    Edition: 2. Auflage.
    Keywords: Information technology ; Management ; Information technology ; Security measures ; Penetration testing (Computer security) ; Computer security ; Management ; Cloud computing ; Electronic books ; Electronic books ; local
    Abstract: IT-Security hat immer auch etwas mit IT-technischen Fragestellungen zu tun. Das trifft selbst dann zu, wenn die IT-Security-Organisation der Unternehmensleitung berichtet und wenn deren definierte Hauptaufgabe in der Richtlinienkompetenz und der Überprüfung von Vorgaben liegt. Wissen über die IT-Infrastruktur und die IT-Prozesse ist wichtig, um passende und praktikable Vorgaben festlegen zu können. Nur wenn der Manager IT-Security weiß, wie die Datenströme aussehen und welche IT-Systeme eine maßgebliche Rolle spielen, kann er Risiken zutreffend einschätzen und zielgerichtete Maßnahmen definieren. Dazu kommt, dass er in der Zusammenarbeit mit dem Datenschutzbeauftragten, der internen Revisionsabteilung und häufig auch mit dem IT-Leiter den Part einer beratenden Stelle einnimmt. Um diese Aufgabe adäquat leisten zu können, muss er sich intensiv mit der zugrunde liegenden Thematik auseinandergesetzt haben. Dieses mitp bit hilt Ihnen, die Antworten auf die folgenden Fragen zu finden: Werden Entscheidungen dokumentiert, die der Manager IT-Security im Rahmen seiner Aufgaben trifft? Dazu gehören alle Maßnahmen und Ausnahmeregelungen und die jeweiligen Randbedingungen. Ein Beispiel wäre die Akzeptanz einer Ausnahmeregelung bezüglich der Installation einer ansonsten durch Richtlinien untersagten Software auf einem Arbeitsplatzrechner oder die Freigabe eines ungesicherten Downloads aus dem Internet. Sind für die einzelnen technischen Aufgabenfelder entsprechende Richtlinien vorhanden? Ist der Umgang der Mitarbeiter mit den Medien E-Mail und Internet geregelt? Ist ein Prozess beschrieben, der dann greift, wenn ein Mitarbeiter ausscheidet und ein Zugriff auf seine E-Mail-Daten und anderen (persönlichen) Daten erforderlich wird? Werden exponierte IT-Systeme regelmäßig in Bezug auf sicheres Betriebssystem, sichere Software und sichere Schnittstellen geprüft? Das betrifft im Besonderen alle IT-Systeme in einer »Demilitarisierten Zone« (DMZ), also Systeme, auf die aus dem Internet heraus zugegriffen wird.
    Note: Place of publication from publisher's website. - Description based on online resource; title from title page (Safari, viewed January 21, 2019)
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 2
    Online Resource
    Online Resource
    IT-Risikomanagement : Richtlinien, Dokumentation, Massnahmen (2018)
    [Frechen] : mitp Verlags GmbH & Co. KG
    Details
    ISBN: 9783958454422 , 3958454429
    Language: German
    Pages: 1 online resource (1 volume) , illustrations
    Edition: 2. Auflage.
    Keywords: Information technology ; Risk management ; Information technology ; Security measures ; Computer security ; Management ; Electronic books ; Electronic books ; local
    Abstract: Das IT-Risikomanagement bildet den Überbau über den Gesamtkomplex IT-Security-Management. Es handelt sich dabei um keine abgegrenzte Einzelaufgabe, sondern um eine Methodik, die in vielen Prozessen immer wieder auftaucht. Der Einfluss und die Methoden des IT-Risikomanagements durchziehen alle Teilbereiche des IT-Security-Managements. Für das Business Continuity Management sowie für die tägliche Arbeit und die implementierten Sicherheitsprozesse stellt es zudem eine entscheidende Grundlage dar. Dieses mitp bit hilt Ihnen, die Antworten auf die folgenden Fragen zu finden: Existiert eine Richtlinie zum IT-Risikomanagement? Wurde die dort beschriebene Vorgehensweise mit den Methoden des Unternehmensrisikomanagements abgestimmt? Liegen Aufzeichnungen und Dokumentationen vor, die die wichtigsten IT-Risiken für den Geschäftsbetrieb darstellen? Ist das erforderliche Handwerkszeug für ein IT-Risikomanagement vorhanden? Liegt eine Klassifizierungsrichtlinie vor und sind die Mitarbeiter damit vertraut? Wurden Bedrohungslisten erstellt und entsprechende Maßnahmenvorschläge vorbereitet? Werden zumindest die wichtigsten Unternehmenswerte anhand der Klassifizierungsrichtlinie klassifiziert? Werden IT-Prozesse auch über den Faktor Risikomanagement gesteuert?
    Note: Place of publication from publisher's website. - Description based on online resource; title from title page (Safari, viewed January 21, 2019)
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 3
    Online Resource
    Online Resource
    Compliance in der IT-Sicherheit : ISO 2700x-Standard und DSGVO (2018)
    [Frechen] : mitp Verlags GmbH & Co. KG
    Details
    ISBN: 9783958450882 , 3958450881
    Language: German
    Pages: 1 online resource (1 volume) , illustrations
    Edition: 2. Auflage.
    Keywords: Information technology ; Security measures ; Computer security ; Management ; Privacy, Right of ; Europe ; Electronic books ; Electronic books ; local
    Abstract: Die IT-Compliance gibt vor, welche Tätigkeiten innerhalb der IT-Abteilung aufgrund gesetzlicher, normativer oder internen Vorschriften und Vorgaben durchzuführen sind. Das können z.B. Vorgaben zur Vorratsdatenspeicherung sein oder Vorschriften über die sichere, elektronische Ablage von Buchungsbelegen. Eine zu beachtende Vorschrift ist z.B. die neue EU-DSGVO, auf die der Autor explizit eingeht. Dieses mitp bit hilt Ihnen, die Antworten auf die folgenden Fragen zu finden: Liegt der Ausrichtung des IT-Security-Managements eine interne oder externe Vorgabe oder eine Norm zugrunde? Sind die internen und externen Vorgaben, die für das IT-Security-Management von Relevanz sind, identifiziert worden? Ist die Zusammenarbeit des Managers IT-Security mit dem Datenschutzbeauftragten abgestimmt? Ist geregelt, wie der Manager IT-Security in die Unternehmens-Compliance eingebunden ist?
    Note: Place of publication from publisher's website. - Description based on online resource; title from title page (Safari, viewed January 21, 2019)
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 4
    Online Resource
    Online Resource
    ISO27001/ISO27002 : Una guía de bolsillo (2017)
    [Erscheinungsort nicht ermittelbar] : IT Governance Publishing | Boston, MA : Safari
    Details
    ISBN: 9781849289184
    Language: English , Spanish
    Pages: 1 online resource (83 pages)
    Edition: 1st edition
    Parallel Title: Erscheint auch als
    Keywords: Data protection Standards ; Data protection Evaluation ; Electronic books ; local ; Protection de l'information (Informatique) ; Normes ; Protection de l'information (Informatique) ; Évaluation ; COMPUTERS ; Security ; General ; Data protection ; Standards ; Electronic books ; Electronic books ; Electronic books
    Abstract: Proteja la información de su organización con la ISO27001:2013 La información es uno de los recursos más importantes de su organización y mantener esa información segura es vital para su negocio. Esta guía de bolsillo útil es una visión de conjunto esencial sobre las dos normas de la seguridad de la información clave que cubren los requisitos formales (ISO27001:2013) para crear un Sistema de Gestión de la Seguridad de la Información (SGSI) y las recomendaciones de mejores prácticas (ISO27002:2013) para aquellos responsables de iniciar, implementar o mantenerlo. Un SGSI basado en la ISO27001/ISO27002 ofrece un sinfín de beneficios: Eficacia mejorada implantando procedimientos y sistemas de seguridad de la información, que le permiten concentrarse en su actividad empresarial principal. Protege sus activos de información de un amplio abanico de ciberamenazas, actividad criminal, compromiso de información privilegiada y fallo del sistema. Gestione sus riesgos sistemáticamente y establezca planes para eliminar o reducir las ciberamenazas. Permite la detección temprana de amenazas o errores de procesamiento y una solicuón más rápida ¿Siguiente paso para la certificación? Puede organizar una auditoría independiente de su SGSI frente a las especificaciones de la ISO27001 y, si su SGSI se ajusta, finalmente logra la certificación acreditada. Publicamos una variedad de libros y herramientas de documentación del SGSI (como Nueve pasos para el éxito) para ayudarle a lograr esto. Índice La familia de normas de la seguridad de la información ISO-/IEC 27000; Historia de las Normas; Especificación frente al Código de Prácticas; Proceso de certificación; El SGSI y la ISO27001; Visión de conjunto de la ISO/IEC 27001:2013; Visión de conjunto de la ISO/IEC 27002:2013; Documentación y registros; Responsabilidad de la gestión; Enfoque del proceso y el ciclo PDCA; Contexto, política y alcance; Evaluación del riesgo; La declaración de aplicabilidad (SoA); Implementación; 15. Verificar y actuar; Revisión gerencial; ISO27001; Anexo A Acerca del autor Alan Calder es el fundador y presidente ejecutivo de IT Governance Ltd, una empresa de información, asesoramiento y consultoría que ayuda a los consejos de administración de empresas a abordar problemas de gobierno de TI, gestión del riesgo, cumplimiento y seguridad de la información. Tiene muchos años de experiencia en alta gerencia en los sectores públicos y privados. Una guía de bolsillo que proporciona una visi...
    Note: Online resource; Title from title page (viewed June 1, 2017) , Mode of access: World Wide Web.
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 5
    Online Resource
    Online Resource
    Nine steps to success : an ISO 27001:2013 implementation overview (2017)
    Ely, Cambridgeshire, United Kingdom : IT Governance Publishing
    Details
    ISBN: 9781849289511 , 1849289514
    Language: English
    Pages: 1 online resource (1 volume)
    Edition: North American edition.
    Keywords: Computer security ; Management ; Computer security ; Standards ; Data protection ; Standards ; Electronic books ; Electronic books ; local
    Abstract: Step-by-step guidance on a successful ISO 27001 implementation from an industry leader Resilience to cyber attacks requires an organization to defend itself across all of its attack surface: people, processes, and technology. ISO 27001 is the international standard that sets out the requirements of an information security management system (ISMS) - a holistic approach to information security that encompasses people, processes, and technology. Accredited certification to the Standard is recognized worldwide as the hallmark of best-practice information security management. Achieving and maintaining accredited certification to ISO 27001 can be complicated, especially for those who are new to the Standard. Author of Nine Steps to Success - An ISO 27001 Implementation Overview, Alan Calder is the founder and executive chairman of IT Governance. He led the world's first implementation of a management system certified to BS 7799, the forerunner to ISO 27001, and has been working with the Standard ever since. Hundreds of organizations around the world have achieved accredited certification to ISO 27001 with IT Governance's guidance, which is distilled in this book. Successfully implement ISO 27001 with this must-have guide Aligned with the latest iteration of ISO 27001:2013, the North American edition of Nine Steps to Success - An ISO 27001 Implementation Overview is ideal for anyone tackling ISO 27001 for the first time. In nine critical steps, the guide covers each element of the ISO 27001 project in simple, non-technical language. There is a special focus on how US organizations can tackle this governance. This book offers guidance throughout implementation: Getting management support and keeping the board's attention. Creating a management framework and performing a gap analysis so that you can clearly understand the controls you already have in place, and identify where you need to focus. Structuring and resourcing your project, including advice on whether to use a consultant or do it yourself, and examining the tools and resources that will make your job easier. Conducting a five-step risk assessment, and creating a Statement of Applicability (SoA) and risk treatment plan (RTP). Guidance on integrating your ISO 27001 ISMS with an ISO 9001 quality management system (QMS) and other management systems. Addressing the documentation challenges you'll face as you create business policies, procedures, work instructions, and records - includin...
    Note: Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed May 1, 2018)
    URL: https://learning.oreilly.com/library/view/-/9781849289511/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 6
    Online Resource
    Online Resource
    Neun Schritte zum Erfolg : Ein Überblick zur Implementierung der Norm ISO 27001:2013 (2017)
    Ely, Cambridgeshire, United Kingdom : IT Governance Publishing
    Details
    ISBN: 9781849288699
    Language: German
    Pages: 1 online resource (1 volume)
    Keywords: Data protection ; Standards ; Data protection ; Evaluation ; Electronic books ; Electronic books ; local
    Abstract: Schritt-für-Schritt-Anleitung für eine erfolgreiche ISO 27001-Implementierung In sinnvoller, nicht technischer Sprache führt Sie dieser Leitfaden durch die wichtigsten Schritte eines ISO 27001-Projekts, um Ihnen den Erfolg desselben zu garantieren - von der Einführung bis hin zur Zertifizierung: Projektmandat Projektanbahnung Initiierung eines ISMS Management-Framework Grundlegende Sicherheitskriterien Risikomanagement Implementierung Maßnahme, Überwachung und Überprüfung Zertifizierung In dieser dritten Auflage und ausgerichtet auf ISO 27001: 2013 eignet sich das Handbuch ideal für alle jene, die sich zum ersten Mal mit der Norm beschäftigen. "Es ist als hätten Sie einen $ 300 / h-Berater an Ihrer Seite, wenn Sie die Aspekte der Gewinnung von Management-Unterstützung, Planung, Problembestimmung (Scoping), Kommunikation etc. betrachten." Thomas F. Witwicki Mit Hilfe dieses Buches erfahren Sie wie Sie: Unterstützung im Management und die Aufmerksamkeit des Vorstands erhalten; Erstellen Sie ein Management-Framework und eine Gap-Analyse, um klar zu verstehen, was Sie bereits unter Kontrolle haben und worauf ihre Bemühungen abzielen sollen; Strukturieren Sie Ihr Projekt und statten Sie es mit Ressourcen aus - einschließlich der Festlegung, ob Sie einen Berater verwenden werden oder die Tätigkeit selbst durchführen sowie der Überprüfung der vorhandenen Mittel und Ressourcen, die ihre Arbeit erleichtern werden; Führen Sie eine fünfstufige Risikobewertung durch und erstellen Sie eine Aussage zur Anwendbarkeit sowie einen Risikoplan; Integrieren Sie Ihr ISO 27001 ISMS mit einem ISO 9001 QMS und anderem Managementsystem; Adressieren Sie die Dokumentationsherausforderungen, denen Sie im Rahmen der Erstellung von Geschäftsgrundsätzen, Verfahren, Arbeitsanweisungen und Datensätzen begegnen - einschließlich realisierbarer Alternativen zum kostspieligen Trial- und Error Ansatz Kontinuierliche Verbesserung Ihres ISMS, einschließlich interner Prüfungen und Tests sowie Kontrollen durch das Management; Dieses Buch liefert Ihnen die nötige Anleitung zum Verständnis der Anforderungen der Norm und zur Gewährleistung, dass ihr Implementierungsprojekt ein Erfolg wird. Dabei werden sechs Geheimtipps für den Erfolg gegeben. Background Die Erlangung und Aufrechterhaltung der akkreditierten Zertifizierung nach der internationalen Norm für Informationssicherheit-Management - ISO 27001 - kann ein kompliziertes Vorhaben darstellen, besonders dann, wenn die Norm...
    Note: Includes bibliographical references. - Description based on online resource; title from title page (viewed March 16, 2017)
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 7
    Online Resource
    Online Resource
    IT-Sicherheit im Unternehmen (2015)
    [Germany] : mitp-Verlags
    Details
    ISBN: 9783958451285
    Language: German
    Pages: 1 online resource (1 volume) , illustrations
    Edition: 1. Auflage.
    Keywords: Information technology ; Security measures ; Business enterprises ; Security measures ; Computer security ; Management ; Data protection ; Electronic books ; Electronic books ; local
    Abstract: Mithilfe eines klar umrissenen Projekts ein akzeptables Sicherheitsniveau erreichen Die Nutzung international anerkannter Standards und deren Übersetzung in die Unternehmenswirklichkeit Strukturierte Vorgehensweise anhand konkreter Aufgaben: Transparenz schaffen, Regeln einführen und Audits durchführen Gerade in der heutigen vernetzten Welt ist IT-Sicherheit unverzichtbar: Kein Unternehmen arbeitet mehr autark, alle sind miteinander durch Netzwerke, regen Datenaustausch oder Mailverkehr verbunden. Das Thema ist komplex und insbesondere kleine und mittelständische Betriebe fürchten sich vor einer zu großen Herausforderung - zu Unrecht. Thomas W. Harich zeigt Ihnen, wie Sie mit den Mitteln und dem Vokabular alltäglicher Projekte auch die Sicherheit Ihrer IT erfolgreich angehen können - mit Ihren unternehmenseigenen »Bordmitteln«. Das IT-Sicherheitsprojekt hat dabei einen definierten Anfang und ein definiertes Ende - somit sind Aufwand und Nutzen gut kalkulierbar. Der Autor teilt das Projekt übersichtlich in die drei großen Bereiche »Transparenz schaffen«, »Regeln einführen« und »Audits durchführen«. Sie lernen die Grundbegriffe der IT-Sicherheit kennen und werden Schritt für Schritt durch das Projekt geführt. Detaillierte Aufgaben und Arbeitspakete zeigen Ihnen strukturiert, was wann wie zu tun ist. Dabei unterscheidet Thomas W. Harich immer zwischen den Zielen der »Basissicherheit« und der »Erweiterten IT-Sicherheit«. Grundlage sind international anerkannte Normen der ISO-2700x-Reihe, die Vorgaben des Bundesamtes für Sicherheit in der Informationstechnik (BSI) sowie Erfahrungen aus der Praxis. So können Sie mithilfe dieses Buches und der in der Praxis erprobten Vorgehensweise IT-Sicherheit in Ihrem Unternehmen flächendeckend umsetzen und ein hohes Sicherheitsniveau erreichen.
    Note: Description based on online resource; title from title page (Safari, viewed September 18, 2015)
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 8
    Online Resource
    Online Resource
    PCI DSS : a pocket guide (2015)
    Ely, Cambridgeshire, United Kingdom : IT Governance Publishing
    Details
    Language: English
    Pages: 1 online resource (1 volume)
    Edition: Fifth edition.
    Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local
    Abstract: An ideal introduction and a quick reference to PCI DSS version 3.2 All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. All organisations that accept, store, transmit or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments. Product overview Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.2, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation involved with payment card processing. Coverage includes: An overview of PCI DSS v3.2. A PCI self-assessment questionnaire (SAQ). Procedures and qualifications. An overview of the Payment Application Data Security Standard (PA-DSS). Contents What is the Payment Card Industry Data Security Standard (PCI DSS)? What is the scope of the PCI DSS? Compliance and compliance programmes Consequences of a breach How do you comply with the requirements of the Standard? Maintaining compliance PCI DSS - The Standard Aspects of PCI DSS compliance The PCI self-assessment questionnaire Procedures and qualifications The PCI DSS and ISO/IEC 27001 The Payment Application Data Security Standard (PA-DSS) PIN transaction security (PTS) About the authors Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH and CHFI.
    Note: "Compliance series"--Cover. - Description based on online resource; title from title page (Safari, viewed August 26, 2016)
    URL: https://learning.oreilly.com/library/view/-/9781849288446/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 9
    Online Resource
    Online Resource
    PCI DSS : a pocket guide (2015)
    Ely, Cambridgeshire, United Kingdom : IT Governance Publishing
    Details
    Language: English
    Pages: 1 online resource (1 volume)
    Edition: Fourth edition.
    Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local
    Abstract: An ideal introduction and a quick reference to PCI DSS version 3.1 All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal financial information and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. All organizations that accept, store, transmit, or process cardholder data must comply with the Standard; failure to do so can have serious consequences for their ability to process card payments. Product overview Co-written by a PCI QSA (Qualified Security Assessor) and updated to cover PCI DSS version 3.1, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organization involved with payment card processing. Coverage includes: An overview of PCI DSS v3.1. A PCI self-assessment questionnaire (SAQ). Procedures and qualifications. An overview of the Payment Application Data Security Standard (PA-DSS). Contents What is the Payment Card Industry Data Security Standard (PCI DSS)? What is the scope of the PCI DSS? Compliance and compliance programmes Consequences of a breach How do you comply with the requirements of the Standard? Maintaining compliance PCI DSS - The Standard Aspects of PCI DSS compliance The PCI self-assessment questionnaire Procedures and qualifications The PCI DSS and ISO/IEC 27001 The Payment Application Data Security Standard (PA-DSS) PIN transaction security (PTS) About the authors Alan Calder is the founder and executive chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance, and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. He leads the IT Governance CISSP Accelerated Training Programme, as well as the PCI Foundation and Implementer training courses. He has broad technical knowledge of security and IT infrastructure, including high performance computing and Cloud computing. His certifications include CISSP, PCI QSA, CREST Registered Tester, CEH, and CHFI.
    Note: "Compliance series"--Cover. - Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed June 10, 2016)
    URL: https://learning.oreilly.com/library/view/-/9781849287838/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 10
    Online Resource
    Online Resource
    PCI DSS : a pocket guide (2013)
    Ely, Cambridgeshire, U.K. : IT Governance Pub.
    Details
    ISBN: 9781849285551 , 1849285551
    Language: English
    Pages: 1 online resource (1 v.)
    Edition: 3rd ed.
    Keywords: Data protection ; Standards ; Electronic commerce ; Security measures ; Computer networks ; Security measures ; Liability for credit information ; Credit cards ; Electronic books ; Electronic books ; local
    Abstract: Get started with PCI DSS Protect your customers' card data All businesses that accept payment cards are prey for hackers and criminal gangs trying to steal payment card details and commit identity fraud. The PCI DSS (Payment Card Industry Data Security Standard) exists to ensure that businesses process credit and debit card orders in a way that effectively protects cardholder data. Failing to comply with the standard can have serious consequences for your ability to process card payments. An ideal introduction and a quick reference to PCI DSS, including version 3.0 Co-written by a PCI QSA (Qualified Security Assessor) and updated to also cover PCI DSS version 3.0, this handy pocket guide provides all the information you need to consider as you approach the PCI DSS. It is also an ideal training resource for anyone in your organisation who deals with payment card processing. Coverage includes: an overview of Payment Card Industry Data Security Standard V3.0 the consequences of a breach how to comply with the standard a PCI self-assessment questionnaire (SAQ) procedures and qualifications an overview of the Payment Application Data Security Standard Buy this pocket guide and get to grips with PCI DSS, including version 3.0 This title is part of The ITGP Compliance Series , a suite of essential guides to regulatory and legal compliance. Designed to help organisations in their efforts to address issues such as PCI DSS, anti-bribery policy management and data protection, this series is indispensable for anyone seeking to align their policies and procedures with laws and regulations. The guides also provide a quick, cost-effective way to raise awareness of key issues among staff, partners and external customers. About the Authors Alan Calder is the Founder and Executive Chairman of IT Governance Ltd, an information, advice and consultancy firm that helps company boards tackle IT governance, risk management, compliance and information security issues. He has many years of senior management experience in the private and public sectors. Geraint Williams is a knowledgeable and experienced senior information security consultant and PCI QSA, with a strong technical background and experience of the PCI DSS and security testing. Geraint has provided consultancy on implementation of the PCI DSS and conducted audits with a wide range of merchants and service providers. He has performed penetration testing and vulnerability assessments for various clients. Gera...
    Note: "Compliance series"--Cover. - Description based on online resource; title from title page (Safari, viewed Apr. 8, 2014)
    URL: https://learning.oreilly.com/library/view/-/9781849285551/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 11
    Online Resource
    Online Resource
    21st Century Security and CPTED, 2nd Edition (2013)
    [Erscheinungsort nicht ermittelbar] : CRC Press | Boston, MA : Safari
    Details
    Language: English
    Pages: 1 online resource (954 pages)
    Edition: 2nd edition
    Keywords: Information technology ; Security measures ; Computer security ; Management ; Computer networks ; Security measures ; Data protection ; Electronic books ; local
    Abstract: The concept of Crime Prevention Through Environmental Design (CPTED) has undergone dramatic changes over the last several decades since C. Ray Jeffery coined the term in the early 1970s, and Tim Crowe wrote the first CPTED applications book. The second edition of 21st Century Security and CPTED includes the latest theory, knowledge, and practice of CPTED as it relates to the current security threats facing the modern world: theft, violent crime, terrorism, gang activity, and school and workplace violence. This significantly expanded edition includes the latest coverage of proper lighting, building design-both the interior and exterior-physical security barriers, the usage of fencing, bollards, natural surveillance, landscaping, and landscape design. Such design concepts and security elements can be applied to address a wide variety of threats including crime prevention, blast mitigation, and CBRNE threat protection. Authored by one of the U.S.'s renowned security experts-and a premiere architect and criminologist-the book is the most comprehensive examination of CPTED and CPTED principles available. This edition includes a complete update of all chapters in addition to five new chapters, over 700 figure illustrations and photos, numerous tables and checklists, and a 20-page color plate section. This latest edition: Features five new chapters including green and sustainable buildings, infrastructure protection, and premises liability Presents step-by-step guidelines and real-world applications of CPTED concepts, principles and processes-from risk assessment to construction and post-occupancy evaluation Outlines national building security codes and standards Examines architectural surety from the perspective of risk analysis and premises liability Demonstrates CPTED implementation in high-security environments, such as hospitals, parks, ATMs, schools, and public and private sector buildings A practical resource for architects, urban planners and designers, security managers, law enforcement, CPTED practitioners, building and property managers, homeland security professionals, and students, 21st Century Security and CPTED, Second Edition continues to serve as the most complete and up-to-date reference available on next-generation CPTED practices today.
    Note: Online resource; Title from title page (viewed June 25, 2013) , Mode of access: World Wide Web.
    URL: lizenzpflichtig
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 12
    Online Resource
    Online Resource
    Reverse deception : organized cyber threat counter-exploitation (2012)
    New York : McGraw-Hill
    Details
    Language: English
    Pages: 1 online resource (1 v.) , ill.
    Parallel Title: Erscheint auch als
    Keywords: Electronic counter-countermeasures ; Computer crimes ; Prevention ; Computer security ; Deception ; Electronic books ; Computer networks ; Security measures ; Computer security ; Management ; Information technology ; Security measures ; Data protection ; Electronic books ; local
    Abstract: In-depth counterintelligence tactics to fight cyber-espionage "A comprehensive and unparalleled overview of the topic by experts in the field."-- Slashdot Expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs) using the tested security techniques and real-world case studies featured in this one-of-a-kind guide. Reverse Deception: Organized Cyber Threat Counter-Exploitation shows how to assess your network's vulnerabilities, zero in on targets, and effectively block intruders. Discover how to set up digital traps, misdirect and divert attackers, configure honeypots, mitigate encrypted crimeware, and identify malicious software groups. The expert authors provide full coverage of legal and ethical issues, operational vetting, and security team management. Establish the goals and scope of your reverse deception campaign Identify, analyze, and block APTs Engage and catch nefarious individuals and their organizations Assemble cyber-profiles, incident analyses, and intelligence reports Uncover, eliminate, and autopsy crimeware, trojans, and botnets Work with intrusion detection, anti-virus, and digital forensics tools Employ stealth honeynet, honeypot, and sandbox technologies Communicate and collaborate with legal teams and law enforcement
    Note: Includes bibliographical references and index. - Description based on print version record
    URL: https://learning.oreilly.com/library/view/-/9780071772495/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
  • 13
    Online Resource
    Online Resource
    Risk assessment for asset owners : a pocket guide (2007)
    [Ely, UK?] : IT Governance
    Details
    Language: English
    Pages: 1 online resource (1 v.) , ill.
    Series Statement: Pocket guides: practical information security
    Keywords: Data protection ; Evaluation ; Data protection ; Standards ; Risk management ; Electronic books ; Electronic books ; local
    Abstract: Understand ISO 38500: the standard for the corporate governance of IT ISO/IEC38500 is the international standard for the corporate governance of information and communication technology. The purpose of the standard is to create a framework to ensure that the Board is appropriately involved in the governance of the organisation's IT. The standard sets out guiding principles for directors on how to ensure the effective, efficient and acceptable use of IT within their company. This useful pocket guide provides an account of the scope and objectives of the standard. It outlines the standard's six core principles, sets out the three major tasks that the standard assigns to directors regarding IT, and explains the interrelationship between the two. The guide also offers advice on how to set up and implement the IT governance framework. Business benefits of ISO/IEC 38500 (ISO38500) include: Manage the organisation's investment in IT responsibly The pocket guide shows how the standard can be used to ensure that your decision making about IT investment remains clear and transparent, and that the associated risks are clearly understood. Meet compliance requirements ISO/IEC38500 requires directors to verify that their IT systems are in compliance with all applicable regulations. As this pocket guide explains, following the procedures set out in ISO/IEC38500 will help company directors both to achieve and demonstrate compliance. Improve the performance of the organisation On average, investment in IT represents more than 50 per cent of every organisation's annual capital investment. Both private and public sector organisations need to maintain a high standard of service while at the same time keeping costs low. The pocket guide looks at how following the guidance contained in ISO/IEC38500 can enable directors to retain a grip on costs and obtain better value for money from IT equipment. Introduce effective project governance This pocket guide describes how ISO/IEC38500 can help company directors to identify problems in an IT project at an early stage. In this way, the standard promotes effective management of the risks associated with major IT projects, enables the board to keep a grip on budgets and militates against project failure. Implement ISO38500, the international standard for corporate governance of IT An IT governance framework serves to close the gap between the importance of IT and the understanding of IT. For this reason, you can use an IT go...
    Note: Publication information taken from resource description page (Safari, viewed August 19, 2013). - Includes bibliographical references. - Description based on online resource; title from cover
    URL: https://learning.oreilly.com/library/view/-/9781849281232/?ar
    Library Location Call Number Volume/Issue/Year Availability
    BibTip Others were also interested in ...
    Online Resource
    MPI Ethno. Forsch.
Close ⊗
This website uses cookies and the analysis tool Matomo. More information can be found here...