Corporate Information Security Processes and Services

Viegas, Virgilio; Kuyucu, Oben

doi:10.1007/978-1-4842-7799-7_5

Virgilio Viegas³ &
Oben Kuyucu³

2254 Accesses

Abstract

This chapter addresses all the processes and services in the organization’s information security scope that should be implemented. Processes related to security awareness, training, and simulated attacks are addressed in the next chapter.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+

from €37.37 /Month

Starting from 10 chapters or articles per month
Access and download chapters and articles from more than 300k books and 2,500 journals
Cancel anytime

Buy Now

eBook: EUR 17.99; Price includes VAT (Netherlands)

Softcover Book: EUR 70.84; Price includes VAT (Netherlands)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Introduction to Information Security

System Administration

Social Media and Corporate Security

Notes

1.
Information Governance Initiative. IGI State of the Industry Report: Volume III. Washington, DC: IGI. https://iginitiative.com/wp-content/uploads/The-State-of-IG-Report-Volume-III-highres.pdf. 2018.
2.
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-100.pdf
3.
www.iso.org/standard/74046.html
4.
www.first.org/cvss/v3.1/specification-document
5.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
6.
www.iso.org/standard/75281.html
7.
www.pcisecuritystandards.org/documents/PCI_DSS_Risk_Assmt_Guidelines_v1.pdf
8.
www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/business-process-integration/the-enisa-rm-ra-framework
9.
www.pmi.org/certifications/risk-management-rmp
10.
www.isaca.org/credentialing/crisc
11.
www.offensive-security.com/pwk-oscp/
12.
www.offensive-security.com/pen300-osep
13.
www.eccouncil.org/programs/certified-ethical-hacker-ceh/
14.
www.eccouncil.org/programs/licensed-penetration-tester-lpt-master/
15.
www.giac.org/certification/gpen
16.
www.giac.org/certification/gwapt
17.
www.giac.org/certification/gxpn
18.
https://crest-approved.org
19.
www.ncsc.gov.uk/information/check-penetration-testing
20.
www.comptia.org/certifications/pentest
21.
https://owasp.org/www-project-top-ten/
22.
https://owasp.org/www-project-code-review-guide/assets/OWASP_Code_Review_Guide_v2.pdf
23.
https://owasp.org/www-project-web-security-testing-guide/
24.
https://owasp.org/www-project-mobile-security-testing-guide/
25.
https://owasp.org/www-project-security-knowledge-framework/
26.
https://owasp.org/www-project-zap/
27.
https://nvd.nist.gov/vuln-metrics/cvss
28.
https://nvd.nist.gov/
29.
https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final
30.
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-86.pdf
31.
For a curated list, go to https://github.com/jivoi/awesome-osint.
32.
Please see Chapter 9.
33.
https://csrc.nist.gov/publications/detail/sp/800-88/rev-1/final
34.
NIST SP 800-37 Rev. 2 from NIST SP 800-160 Vol. 2

Author information

Authors and Affiliations

Doha, Qatar
Virgilio Viegas & Oben Kuyucu

Authors

Virgilio Viegas
View author publications
Search author on:PubMed Google Scholar
Oben Kuyucu
View author publications
Search author on:PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Viegas, V., Kuyucu, O. (2022). Corporate Information Security Processes and Services. In: IT Security Controls. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7799-7_5

Download citation

DOI: https://doi.org/10.1007/978-1-4842-7799-7_5
Published: 24 March 2022
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-7798-0
Online ISBN: 978-1-4842-7799-7
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)

Publish with us

Policies and ethics