{"product_id":"from-zero-day-to-cism-certified-andrea-piras-9798286102365","title":"From Zero-Day to Cism Certified Information Security Manager: A Comprehensive Guide to Mastering Information Security Governance, Risk, and Incident M","description":"\u003cb\u003eFrom zero-day to CISM Certified Information Security Manager\u003c\/b\u003e is designed as a comprehensive support tool for professionals pursuing the CISM certification, a globally recognized credential in information security management. CISM, offered by ISACA, emphasizes strategic security management and is held by over 45,000 professionals worldwide since its inception in 2002. Achieving CISM validates one's expertise in governing and managing enterprise information security programs. The primary purpose of this book is twofold: firstly, to help readers master the knowledge required to pass the CISM exam; and secondly, to serve as a managerial guideline that practitioners can reference in real-world cybersecurity roles. By blending exam-focused content with practical insights, the book bridges the gap between certification objectives and on-the-job security management practices. It aims to not only \u003cb\u003eprepare candidates for the exam\u003c\/b\u003e but also to \u003cb\u003eequip security managers\u003c\/b\u003e with frameworks and strategies that can be applied in their organizations' security programs.\u003cbr\u003e\u003cb\u003eManagerial Cybersecurity Guide: \u003c\/b\u003e Beyond exam preparation, this book functions as a management guide for cybersecurity professionals. It aligns with the challenges faced by security managers and IT leaders in today's complex threat landscape. Readers will find guidance on establishing governance structures, aligning security initiatives with business goals, managing risks at an enterprise level, developing robust security programs, and responding to incidents effectively. 
\u003cp\u003e\u003c\/p\u003e\u003cb\u003eTarget Audience\u003c\/b\u003e\u003cbr\u003eThe target audience for this book includes a broad range of professionals in the cybersecurity and risk management fields who aspire to leadership and management roles. It is written with the following readers in mind: \u003cul\u003e\n\u003cli\u003e\u003cb\u003eAspiring CISM Candidates\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cb\u003eInformation Security Managers\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cb\u003eIT and Security Leaders\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cb\u003eRisk Management Professionals\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cb\u003eConsultants and Advisors\u003c\/b\u003e\u003c\/li\u003e\n\u003c\/ul\u003e\u003cbr\u003e\u003cb\u003eStructure of the Book\u003c\/b\u003e\u003cbr\u003eThe book is organized into five main parts, covering the four CISM domains as defined by ISACA. Each part is presented as a dedicated chapter that delves deeply into that domain's concepts, with a balanced mix of theoretical foundations and practical application: \u003cul\u003e\n\u003cli\u003e\n\u003cb\u003eChapter 1 - Information Security Governance: \u003c\/b\u003e Covers how to establish and maintain governance frameworks that align information security with business objectives and regulatory requirements. This chapter explores governance structures, roles and responsibilities, and policies. It introduces frameworks like \u003cb\u003eCOBIT\u003c\/b\u003e for IT governance and standards such as \u003cb\u003eISO\/IEC 27001\u003c\/b\u003e for security management.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eChapter 2 - Information Risk Management: \u003c\/b\u003e Focuses on risk identification, assessment, evaluation, and response strategies. 
It presents both qualitative and quantitative risk assessment methodologies, referencing standards like \u003cb\u003eISO 31000:2018\u003c\/b\u003e for risk management and frameworks like NIST's Risk Management Framework (RMF).\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eChapters 3-4 - Information Security Program Development and Management: \u003c\/b\u003e Provides a comprehensive look at building and running an enterprise security program. These chapters address how to design security architecture and controls in alignment with business goals and risk assessments.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eChapter 5 - Information Security Incident Management: \u003c\/b\u003e Discusses the preparation for and management of security incidents to minimize business impact. It outlines the entire incident management life cycle: preparation, detection, analysis, containment, eradication, recovery, and post-incident learning.\u003c\/li\u003e\n\u003c\/ul\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAuthor:\u003c\/b\u003e Andrea Piras\u003cbr\u003e\u003cb\u003eISBN-13:\u003c\/b\u003e 9798286102365\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Independently Published\u003cbr\u003e\u003cb\u003eLanguage:\u003c\/b\u003e English\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 06\/01\/2025\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 316\u003cbr\u003e\u003cb\u003eFormat:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 1.21lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 10.00h x 7.00w x 0.66d","brand":"Andrea Piras","offers":[{"title":"Paperback","offer_id":48659635634431,"sku":"9798286102365","price":39.5,"currency_code":"USD","in_stock":true}],"url":"https:\/\/www.whiterainbookhouse.com\/products\/from-zero-day-to-cism-certified-andrea-piras-9798286102365","provider":"WR Book House","version":"1.0","type":"link"}