CERT® Resilience Management Model (CERT-RMM) is an innovative and transformative way to manage operational resilience in complex, risk-evolving environments. CERT-RMM distills years of research into best practices for managing the security and survivability of people, information, technology, and facilities. It integrates these best practices into a unified, capability-focused maturity model that encompasses security, business continuity, and IT operations. By using CERT-RMM, organizations can escape silo-driven approaches to managing operational risk and align to achieve strategic resilience management goals. This book both introduces CERT-RMM and presents the model in its entirety. It begins with essential background for all professionals, whether they have previously used process improvement models or not. Next, it explains CERT-RMM’s Generic Goals and Practices and discusses various approaches for using the model. Short essays by a number of contributors illustrate how CERT-RMM can be applied for different purposes or can be used to improve an existing program. Finally, the book provides a complete baseline understanding of all 26 process areas included in CERT-RMM. Part One summarizes the value of a process improvement approach to managing resilience, explains CERT-RMM’s conventions and core principles, describes the model architecturally, and shows how itsupports relationships tightly linked to your objectives. Part Two focuses on using CERT-RMM to establish a foundation for sustaining operational resilience management processes in complex environments where risks rapidly emerge and change. Part Three details all 26 CERT-RMM process areas, from asset definition through vulnerability resolution. For each, complete descriptions of goals and practices are presented, with realistic examples. Part Four contains appendices, including Targeted Improvement Roadmaps, a glossary, and other reference materials. This book will be valuable to anyone seeking to improve the mission assurance of high-value services, including leaders of large enterprise or organizational units, security or business continuity specialists, managers of large IT operations, and those using methodologies such as ISO 27000, COBIT, ITIL, or CMMI.

CERT® Resilience Management Model (CERT-RMM) is an innovative and transformative way to manage operational resilience in complex, risk-evolving environments. CERT-RMM distills years of research into best practices for managing the security and survivability of people, information, technology, and facilities. It integrates these best practices into a unified, capability-focused maturity model that encompasses security, business continuity, and IT operations. By using CERT-RMM, organizations can escape silo-driven approaches to managing operational risk and align to achieve strategic resili.

Describing OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation), a method of evaluating information security risk, this text should be of interest to risk managers.

Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay

Following the migration of workflows, data, and communication to the Cloud and other Internet-based frameworks, interaction over the Web has become ever more commonplace. As with any social situation, there are rules and consequences to actions within a virtual environment. Cyber Behavior: Concepts, Methodologies, Tools, and Applications explores the role of cyberspace in modern communication and interaction, including considerations of ethics, crime, security, and education. With chapters on a variety of topics and concerns inherent to a contemporary networked society, this multi-volume work will be of particular interest to students and academicians, as well as software developers, computer scientists, and specialists in the field of Information Technologies.

From driverless cars to vehicular networks, recent technological advances are being employed to increase road safety and improve driver satisfaction. As with any newly developed technology, researchers must take care to address all concerns, limitations, and dangers before widespread public adoption. Transportation Systems and Engineering: Concepts, Methodologies, Tools, and Applications addresses current trends in transportation technologies, such as smart cars, green technologies, and infrastructure development. This multivolume book is a critical reference source for engineers, computer scientists, transportation authorities, students, and practitioners in the field of transportation systems management.