Designing a HIPAA-Compliant Security Operations Center: A Guide to Detecting and Responding to Healthcare Breaches and Events
Thompson, Eric C.
Product Description
Develop a comprehensive plan for building a HIPAA-compliant security operations center, designed to detect and respond to an increasing number of healthcare data breaches and events. Using risk analysis, assessment, and management data combined with knowledge of cybersecurity program maturity, this book gives you the tools you need to operationalize threat intelligence, vulnerability management, security monitoring, and incident response processes to effectively meet the challenges presented by healthcare's current threats.
Healthcare entities are bombarded with data. Threat intelligence feeds, news updates, and messages come rapidly and in many forms such as email, podcasts, and more. New vulnerabilities are found every day in applications, operating systems, and databases while older vulnerabilities remain exploitable. Add in the number of dashboards, alerts, and data points each information security tool provides and security teams find themselves swimming in oceans of data and unsure where to focus their energy. There is an urgent need to have a cohesive plan in place to cut through the noise and face these threats.
Cybersecurity operations do not require expensive tools or large capital investments. There are ways to capture the necessary data. Teams protecting data and supporting HIPAA compliance can do this. All that's required is a plan--which author Eric Thompson provides in this book.
What You Will Learn
- Know what threat intelligence is and how you can make it useful
- Understand how effective vulnerability management extends beyond the risk scores provided by vendors
- Develop continuous monitoring on a budget
- Ensure that incident response is appropriate
- Help healthcare organizations comply with HIPAA
Who This Book Is For
Cybersecurity, privacy, and compliance professionals working for organizations responsible for creating, maintaining, storing, and protecting patient information.
About the Author
Eric C. Thompson is the author of two previous Apress books: Building a HIPAA Compliant Cybersecurity Program and Cybersecurity Incident Response. He is certified by GIAC in intrusion analysis, incident handling, network forensics, and detection. He is currently Director of Information Security and IT Compliance at Blue Health Intelligence, a company focused on data analytics in the healthcare payer space. He has implemented and matured all elements of security operations. He is a passionate user of many open-source solutions and loves working with new implementations of Snort, Zeek, and SOF-ELK. He also has significant experience assessing and managing cyber risks and complying with HIPAA.