Principles of Information Security / Michael E. Whitman and Herbert J. Mattord

It includes Glossary and Index Pages.

Overview:
Introduce the latest technology and developments with the book specifically oriented to the needs of information systems students: PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this market-leading introductory book emphasizes all the aspects of information security -- not just the technical control perspective. Students gain a broad overview of the entire field of information security and related elements with the detail to ensure understanding. Students review terms used in the field, a history of the discipline, and an overview of how to manage an information security program. Current and relevant, this edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making it ideal for business decision-makers.

Features:


THIS BOOK ILLUSTRATES HOW INFORMATION SECURITY IS BOTH A MANAGEMENT AND TECHNOLOGY CHALLENGE. Students clearly see how information security in today’s modern organization is a problem for management to solve and not simply a problem that technology alone can answer. Readers examine how security problems have important economic consequences, for which management is held accountable.
BOOK CONSISTENTLY EMPHASIZES REAL-WORLD APPLICATION. Students understand the relevance of what they are learning as this edition is packed with the latest timely, hands-on examples of information security issues, tools, and practices implemented in today's organizations.
ENGAGING, REVELANT CHAPTER OPENERS EMPHASIZE THE CRITICAL NATURE OF INFORMATION SECURITY. Each chapter opens with a short story that follows the same fictional company as it encounters actual real-world issues within modern information security. At the end of the chapter, discussion questions complete the case study scenario, giving you and your students opportunities to discuss the underlying issues.
OFFLINE AND TECHNICAL DETAILS BOXES HIGHLIGHT INTERESTING TOPICS AND CONTEMPORARY TECHNICAL ISSUES. Interspersed throughout the textbook, these captivating features enable your students to delve into key concepts more deeply.
CHAPTERS END WITH A SUMMARY, REVIEW QUESTIONS AND EXERCISES DESIGNED TO EXTEND STUDENT UNDERSTANDING. These end-of-chapter features enable students to examine the information security arena outside of the classroom. Exercises prompt students to research, analyze, and write to reinforce learning objectives and deepen their understanding of the key issues within this edition.
UP-TO-DATE MANAGERIAL CONTENT EQUIPS STUDENTS FOR SUCCESS. This book’s managerial approach offers general, but valuable, information without bogging readers down with extraneous, highly specific details.
THE TEXT PROVIDES SUPPORT FOR MAPPING TO LEADING STANDARDS. With this edition, you can easily map to both the NIST National Initiative for Cybersecurity Education (NICE) Workforce framework and DHS/NSA National Center of Academic Excellence in Cyber Defense Education designation.
COMPLETELY UP TO DATE CONTENT REFLECTS THE LATEST DEVELOPMENTS FROM THE FIELD. Your students examine new innovations in technology and methodologies with this edition’s updated examples and references. This edition ensures you are able to present the most current coverage of emerging issues available.
REFINED TERMS AND GREATER IN-DEPTH CONTENT ON INFORMATION SECURITY THREATS INCREASE THIS EDITION’S RELEVANCE. Updated definitions and timely context of key terminology ensures a contemporary understanding and logical flow of the text. In addition, refined coverage of threats and attacks with added insights and depth on threat levels and severities and reorganized coverage of attacks against information systems prepares students for security challenges.
UPDATED MATERIAL PREVIEWS THE LATEST IN TECHNICAL SECURITY CONTROLS. Students examine how today’s control environment continues its migration to an environment with less emphasis on the network perimeter and more reliance on Cloud Computing and the Internet of Things.
Includes MindTap which is an interactive, customizable and complete learning solution. It includes a MindTap Reader and a library of learning apps (e.g., CNOW, Aplia, ReadSpeaker, Merriam-Webster dictionary, MyContent, RSS Feed, Kaltura, Progress app, etc.).

Table of Contents:

1. Introduction to Information Security.

2. The Need for Security.

3. Legal, Ethical, and Professional Issues in Information Security.

4. Planning for Security.

5. Risk Management.

6. Security Technology: Firewalls, VPNs, and Wireless.

7. Security Technology: Intrusion Detection and Prevention Systems and Other Security Tools.

8. Cryptography.

9. Physical Security.

10. Implementing Information Security.

11. Security and Personnel.

12. Information Security Maintenance and eDiscovery.