The InfoSec Handbook: An Introduction to Information Security

The InfoSec Handbook offers the reader an organized layout of information that is easily read and understood. Allowing beginners to enter the field and understand the key concepts and ideas, while still keeping the experienced readers updated on topics and concepts.

It is intended mainly for beginners to the field of information security, written in a way that makes it easy for them to understand the detailed content of the book. The book offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security. It helps the reader build a strong foundation of information, allowing them to move forward from the book with a larger knowledge base.

Security is a constantly growing concern that everyone must deal with. Whether it’s an average computer user or a highly skilled computer user, they are always confronted with different security risks. These risks range in danger and should always be dealt with accordingly. Unfortunately, not everyone is aware of the dangers or how to prevent them and this is where most of the issues arise in information technology (IT). When computer users do not take security into account many issues can arise from that like system compromises or loss of data and information. This is an obvious issue that is present with all computer users.

This book is intended to educate the average and experienced user of what kinds of different security practices and standards exist. It will also cover how to manage security software and updates in order to be as protected as possible from all of the threats that they face.

What you’ll learn

• Essentials of information security in all forms
• Importance of information security in present day business
• Establishing an ISMS through a step by step process
• Best practices in implementation
• The various domains of information security

About the Authors

Umesha Nayak is a director and principal consultant of MUSA software engineering pvt. Ltd. which is into systems / process / management consulting. He has 32 years experience, of which 11 years are in providing consultancy to IT / manufacturing for other organizations from across the globe. He is a master of science in software systems; master of arts in economics; CAIIB; certified information systems auditor (CISA) and certified risk and information systems control (CRISC) professional from ISACA, US; PGDFM; certified lead auditor for many of the standards, among others. He has worked extensively in banking, software development, product design and development, project management, program management, information technology audits, information application audits, quality assurance, coaching, product reliability, human resource management, consultancy, etc. He was vice president and corporate executive council member at Polaris software lab, Chennai prior to his current assignment. He also held various roles like head of quality, head of SEPG and head of strategic practice unit risks & treasury at Polaris software lab. He started his journey with computers in 1981 with ICL mainframes and continued further with minis, pcs etc. He was one of the founding members of the information systems auditing in the banking industry in India. He has effectively guided many organizations through successful ISO 9001/ISO 27001/CMMI certifications and process improvements.

Professor Umesh Hodeghatta Rao is on the faculty in the area of Information Systems at Xavier Institute of Management, Bhubaneswar. He has more than 20 years of work experience and has held technical and senior management positions at Wipro Technologies, McAfee, Cisco Systems and AT&T Bell Laboratories, USA. He has published journal articles in international journals and conferences. He graduated with a master's degree from Oklahoma State University, USA (MSEE) and is pursuing a PhD at the Indian Institute of Technology, Kharagpur. He is a senior member of the IEEE.