Skip to main content
SpringerLink
Log in

Information Security Planning

A Practical Approach

  • Book
  • © 2024
  • Latest edition

Overview

Authors:
  1. Susan Lincke

    1. University of Wisconsin-Parkside, Kenosha, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Guides the reader to develop their own organizational security plan
  • Provides case studies, PowerPoint lectures, Security Workbook sections
  • Includes a chapter on Payment Card Industry’s Data Security Standard (PCI DSS)
  • Request lecturer material: sn.pub/lecturer-material

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 16.99 USD 39.99
Discount applied Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book USD 54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

About this book

This book demonstrates how information security requires a deep understanding of an organization's assets, threats and processes, combined with the technology that can best protect organizational security. It provides step-by-step guidance on how to analyze business processes from a security perspective, while also introducing security concepts and techniques to develop the requirements and design for security technologies. This interdisciplinary book is intended for business and technology audiences, at student or experienced levels.

Organizations must first understand the particular threats that an organization may be prone to, including different types of security attacks, social engineering, and fraud incidents, as well as addressing applicable regulation and security standards. This international edition covers Payment Card Industry Data Security Standard (PCI DSS), American security regulation, and European GDPR.  Developing a risk profile helps to estimate the potential costs that an organization may be prone to, including how much should be spent on security controls.

Security planning then includes designing information security, as well as network and physical security, incident response and metrics. Business continuity considers how a business may respond to the loss of IT service. Optional areas that may be applicable include data privacy, cloud security, zero trust, secure software requirements and lifecycle, governance, introductory forensics, and ethics.

This book targets professionals in business, IT, security, software development or risk. This text enables computer science, information technology, or business students to implement a case study for an industry of their choosing.

.

Keywords

Table of contents (23 chapters)

  1. Front Matter

    Pages i-xxi
    Download chapter PDF

  2. Part I

    1. Front Matter

      Pages 1-1
      Download chapter PDF

    2. Security Awareness: Brave New World

      • Susan Lincke
      Pages 3-20

    3. Combatting Fraud

      • Susan Lincke
      Pages 21-43

    4. Complying with the PCI DSS Standard

      • Susan Lincke
      Pages 45-63

  3. Part II

    1. Front Matter

      Pages 65-65
      Download chapter PDF

    2. Managing Risk

      • Susan Lincke
      Pages 67-89

    3. Addressing Business Impact Analysis and Business Continuity

      • Susan Lincke
      Pages 91-109

    4. Governing: Policy, Maturity Models and Planning

      • Susan Lincke
      Pages 111-121

  4. Part III

    1. Front Matter

      Pages 123-125
      Download chapter PDF

    2. Designing Information Security

      • Susan Lincke
      Pages 127-145

    3. Planning for Network Security

      • Susan Lincke
      Pages 147-172

    4. Designing Physical Security

      • Susan Lincke
      Pages 173-184

    5. Attending to Information Privacy

      • Susan Lincke
      Pages 185-200

    6. Planning for Alternative Networks: Cloud Security and Zero Trust

      • Susan Lincke
      Pages 201-220

    7. Organizing Personnel Security

      • Susan Lincke
      Pages 221-233

  5. Part IV

    1. Front Matter

      Pages 235-235
      Download chapter PDF

    2. Planning for Incident Response

      • Susan Lincke
      Pages 237-257

    3. Defining Security Metrics

      • Susan Lincke
      Pages 259-269

    4. Performing an Audit or Security Test

      • Susan Lincke
      Pages 271-289
Back to top

Authors and Affiliations

  • University of Wisconsin-Parkside, Kenosha, USA

    Susan Lincke

About the author

Susan Lincke PhD is a Certified Information Systems Auditor with both industry and academic experience, able to know what is important in industry and how to teach it. Materials were funded by a National Science Foundation grant, where students planned security for real community partners.

Bibliographic Information

  • Book Title: Information Security Planning

  • Book Subtitle: A Practical Approach

  • Authors: Susan Lincke

  • DOI: https://doi.org/10.1007/978-3-031-43118-0

  • Publisher: Springer Cham

  • eBook Packages: Computer Science, Computer Science (R0)

  • Copyright Information: The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2024

  • Hardcover ISBN: 978-3-031-43117-3Published: 17 January 2024

  • Softcover ISBN: 978-3-031-43120-3Due: 17 February 2024

  • eBook ISBN: 978-3-031-43118-0Published: 16 January 2024

  • Edition Number: 2

  • Number of Pages: XXI, 445

  • Number of Illustrations: 18 b/w illustrations, 68 illustrations in colour

  • Topics: Principles and Models of Security, Systems and Data Security, Privacy, Business Information Systems, Legal Aspects of Computing

Publish with us

Policies and ethics

Back to top

Search

Navigation