In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

Eleventh Hour CISSP®: Study Guide, Third Edition, provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted. This new edition is aligned to cover all material in the most current version of the exam’s Common Body of Knowledge.

In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos "Rock" Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes.

A straightforward look at the four domains of the ISACA Certified Information Security Manager exam. This book will help you get a firm grasp on the key topics needed for success with the exam. Included are over 120 practice questions covering the four domains of ISACA's CISM.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. Covering all CCSP domains, this book walks you through architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, operations, and legal and compliance with real-world scenarios to help you apply your skills along the way.

Essential CISM has been written with a single goal in mind - to present the CISM material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so that when it comes time to take the CISM exam, you are ready! The book is broken down into two sections. Section 1 covers basic concepts you will need to understand before hitting each domain. The CISM official exam guide is redundant across the domains, and so in this book you will encounter each topic once instead of having to rehash the same subject in different ways.

Essential CISA has been made with a single goal in mind - to present the CISA material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so when it comes time to take the CISA exam, you are ready!

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. This Ransomware Profile identifies the Cybersecurity Framework Version 1.1 security objectives that support identifying, protecting against, detecting, responding to, and recovering from ransomware events. The profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.

Cybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.

This fully revised and updated resource offers complete coverage of the latest release of CompTIA A+ exams 220-1101 and 220-1102. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CompTIA A+ exams with ease, this definitive guide also serves as an essential on-the-job IT reference.

Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in. This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Filled with content to help with both personal and business cybersecurity needs, this book shows you how to lock down your computers, devices, and systems—and explains why doing so is more important now than ever.

If keeping your business or your family safe from cybersecurity threats is on your to-do list, Cybersecurity for Dummies will introduce you to the basics of becoming cyber-secure! You'll learn what threats exist, and how to identify, protect against, detect, and respond to these threats, as well as how to recover if you have been breached!

The CISSP certification is the gold standard for security professionals, but ISC2‘s official study guide is anything but easy to read. Many books have tried to simplify this but fail to leave behind the $100 words and run-on sentences. An update to the original Simple CISSP book, Essential CISSP Exam Guide takes the entire official study guide and breaks it down into easy-to-absorb chapters with simple language. Tons of examples are included to drive the points home in a way that makes it effortless to remember.

Are you ready to revolutionize your organization’s approach to cybersecurity and learn GRC? In a world where threats evolve faster than ever, achieving robust Governance, Risk Management, and Compliance (GRC) is no longer optional—it’s essential. Yet, countless organizations struggle to bridge the gap between lofty compliance standards and practical implementation. Imagine having a proven roadmap that transforms the complexities of cybersecurity frameworks into a clear, actionable plan tailored to your organization’s unique needs while giving you a practical understanding of GRC. ...

Unlock the secrets to mastering the NIST 800 risk management process in record time with this powerful 2-in-1 bundle! Introducing Information Systems Security NIST 800 2-in-1, featuring both RMF ISSO Foundation Guide and RMF ISSO: NIST 800-53. This comprehensive series is your ultimate roadmap to success, designed to simplify the complexities of NIST 800-53 security controls and show you the actionable steps required throughout the RMF process.

Essential CISM has been written with a single goal in mind - to present the CISM material in a way that is easy to absorb without leaving any content behind. Plenty of examples are included to drive the points home so that when it comes time to take the CISM exam, you are ready! The book is broken down into two sections. Section 1 covers basic concepts you will need to understand before hitting each domain. The CISM official exam guide is redundant across the domains, and so in this book you will encounter each topic once instead of having to rehash the same subject in different ways.

The NIST Cybersecurity Framework, intelligently designed to synchronize with top-tier industry practices, is a treasure trove for all cybersecurity enthusiasts, IT professionals, or organizational leaders determined to enhance their information systems security. This book, with its ability to translate complex concepts into accessible lessons, has the power to elevate beginners into adept cybersecurity practitioners.

Do you need a thorough but straightforward breakdown of the NIST Cybersecurity Framework v1.0? This TWO-BOOK BUNDLE gives a working explanation of the NIST CSF and a method of practical application. Equip yourself with a dual weapon against cyber threats – a theoretical understanding and actionable strategies. Whether you're a cybersecurity novice or a seasoned expert, this 2-in-1 bundle is a must-have resource.