The Cybersecurity Body Of Knowledge

CYBERSECURITY: THE ESSENTIAL BODY OF KNOWLEDGE provides a comprehensive, trustworthy framework of practices for assuring information security. This book is organized to help readers understand how the various roles and functions within cybersecurity practice can be combined and leveraged to produce a secure organization. In this unique book, concepts are not presented as stagnant theory; instead, the content is interwoven in a real world adventure story that runs throughout. In the story, a fictional company experiences numerous pitfalls of cyber security and the reader is immersed in the everyday practice of securing the company through various characters' efforts. This approach grabs learners' attention and assists them in visualizing the application of the content to real-world issues that they will face in their professional life. Derived from the Department of Homeland Security's Essential Body of Knowledge (EBK) for IT Security, this book is an indispensable resource dedicated to understanding the framework, roles, and competencies involved with information security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

The Cybersecurity Body of Knowledge explains the content, purpose, and use of eight knowledge areas that define the boundaries of the discipline of cybersecurity. The discussion focuses on, and is driven by, the essential concepts of each knowledge area that collectively capture the cybersecurity body of knowledge to provide a complete picture of the field. This book is based on a brand-new and up to this point unique, global initiative, known as CSEC2017, which was created and endorsed by ACM, IEEE-CS, AIS SIGSEC, and IFIP WG 11.8. This has practical relevance to every educator in the discipline of cybersecurity. Because the specifics of this body of knowledge cannot be imparted in a single text, the authors provide the necessary comprehensive overview. In essence, this is the entry-level survey of the comprehensive field of cybersecurity. It will serve as the roadmap for individuals to later drill down into a specific area of interest. This presentation is also explicitly designed to aid faculty members, administrators, CISOs, policy makers, and stakeholders involved with cybersecurity workforce development initiatives. The book is oriented toward practical application of a computing-based foundation, crosscutting concepts, and essential knowledge and skills of the cybersecurity discipline to meet workforce demands. Dan Shoemaker, PhD, is full professor, senior research scientist, and program director at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies. Dan is a former chair of the Cybersecurity & Information Systems Department and has authored numerous books and journal articles focused on cybersecurity. Anne Kohnke, PhD, is an associate professor of cybersecurity and the principle investigator of the Center for Academic Excellence in Cyber Defence at the University of Detroit Mercy. Anne’s research is focused in cybersecurity, risk management, threat modeling, and mitigating attack vectors. Ken Sigler, MS, is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. Ken’s research is in the areas of software management, software assurance, and cybersecurity.

This book explains the content, purpose and use of the eight standard knowledge areas that constitute the emerging discipline of cybersecurity. It captures and explains that body of knowledge, to provide teachers and students with a complete picture of the field at a suitable depth of understanding.

As a result of a rigorous, methodical process that (ISC) follows to routinely update its credential exams, it has announced that enhancements will be made to both the Certified Information Systems Security Professional (CISSP) credential, beginning April 15, 2015. (ISC) conducts this process on a regular basis to ensure that the examinations and

CYBERSECURITY: THE ESSENTIAL BODY OF KNOWLEDGE provides a comprehensive, trustworthy framework of practices for assuring information security. This book is organized to help readers understand how the various roles and functions within cybersecurity practice can be combined and leveraged to produce a secure organization. In this unique book, concepts are not presented as stagnant theory; instead, the content is interwoven in a real world adventure story that runs throughout. In the story, a fictional company experiences numerous pitfalls of cyber security and the reader is immersed in the everyday practice of securing the company through various characters' efforts. This approach grabs learners' attention and assists them in visualizing the application of the content to real-world issues that they will face in their professional life. Derived from the Department of Homeland Security's Essential Body of Knowledge (EBK) for IT Security, this book is an indispensable resource dedicated to understanding the framework, roles, and competencies involved with information security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

The chapters in this book present the work of researchers, scientists, engineers, and teachers engaged with developing unified foundations, principles, and technologies for cyber-physical security. They adopt a multidisciplinary approach to solving related problems in next-generation systems, representing views from academia, government bodies, and industrial partners, and their contributions discuss current work on modeling, analyzing, and understanding cyber-physical systems.

A framework for formalizing risk management thinking intoday¿s complex business environment Security Risk Management Body of Knowledge details thesecurity risk management process in a format that can easily beapplied by executive managers and security risk managementpractitioners. Integrating knowledge, competencies, methodologies,and applications, it demonstrates how to document and incorporatebest-practice concepts from a range of complementarydisciplines. Developed to align with International Standards for RiskManagement such as ISO 31000 it enables professionals to applysecurity risk management (SRM) principles to specific areas ofpractice. Guidelines are provided for: Access Management; BusinessContinuity and Resilience; Command, Control, and Communications;Consequence Management and Business Continuity Management;Counter-Terrorism; Crime Prevention through Environmental Design;Crisis Management; Environmental Security; Events and MassGatherings; Executive Protection; Explosives and Bomb Threats;Home-Based Work; Human Rights and Security; Implementing SecurityRisk Management; Intellectual Property Protection; IntelligenceApproach to SRM; Investigations and Root Cause Analysis; MaritimeSecurity and Piracy; Mass Transport Security; OrganizationalStructure; Pandemics; Personal Protective Practices; Psych-ology ofSecurity; Red Teaming and Scenario Modeling; Resilience andCritical Infrastructure Protection; Asset-, Function-, Project-,and Enterprise-Based Security Risk Assessment; SecuritySpecifications and Postures; Security Training; Supply ChainSecurity; Transnational Security; and Travel Security. Security Risk Management Body of Knowledge is supportedby a series of training courses, DVD seminars, tools, andtemplates. This is an indispensable resource for risk and securityprofessional, students, executive management, and line managerswith security responsibilities.