8 Steps to Better Security



A Simple Cyber Resilience Guide for Business
1st edition

by: Kim Crawley

19,99 €

Publisher: Wiley
Format: PDF
Published: 16.08.2021
ISBN/EAN: 9781119811251
Language: English
Number of pages: 224

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

<p><b>Harden your business against internal and external cybersecurity threats with a single accessible resource.</b></p> <p>In <i>8 Steps to Better Security: A Simple Cyber Resilience Guide for Business</i>, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps.</p> <p>Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:</p> <ul> <li>Foster a strong security culture that extends from the custodial team to the C-suite</li> <li>Build an effective security team, regardless of the size or nature of your business</li> <li>Comply with regulatory requirements, including general data privacy rules and industry-specific legislation</li> <li>Test your cybersecurity, including third-party penetration testing and internal red team specialists</li> </ul> <p>Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, <i>8 Steps to Better Security</i> is also a must-have resource for companies of all sizes, and in all industries.</p>
<p>Foreword xi</p> <p>Introduction xiii</p> <p><b>Chapter 1: </b><b>Step 1: Foster a Strong Security Culture 1</b></p> <p>Kevin Mitnick, Human Hacker Extraordinaire 3</p> <p>The Importance of a Strong Security Culture 5</p> <p>Hackers Are the Bad Guys, Right? 6</p> <p>What is Security Culture? 7</p> <p>How to Foster a Strong Security Culture 9</p> <p>Security Leaders on Security Culture 12</p> <p>What Makes a Good CISO? 13</p> <p>The Biggest Mistakes Businesses Make When It Comes to Cybersecurity 14</p> <p>The Psychological Phases of a Cybersecurity Professional 15</p> <p><b>Chapter 2: </b><b>Step 2: Build a Security Team 19</b></p> <p>Why Step 2 is Controversial 20</p> <p>How to Hire the Right Security Team. . .the Right Way 28</p> <p>Security Team Tips from Security Leaders 29</p> <p>The “Culture Fit”—Yuck! 30</p> <p>Cybersecurity Budgets 34</p> <p>Design Your Perfect Security Team 35</p> <p><b>Chapter 3: </b><b>Step 3: Regulatory Compliance 39</b></p> <p>What Are Data Breaches, and Why Are They Bad? 40</p> <p>The Scary Truth Found in Data Breach Research 45</p> <p>An Introduction to Common Data Privacy Regulations 49</p> <p>The General Data Protection Regulation 49</p> <p>The California Consumer Privacy Act 50</p> <p>The Health Insurance Portability and Accountability Act 52</p> <p>The Gramm-Leach-Bliley Act 52</p> <p>Payment Card Industry Data Security Standard 53</p> <p>Governance, Risk Management, and Compliance 53</p> <p>More About Risk Management 54</p> <p>Threat Modeling 55</p> <p><b>Chapter 4: </b><b>Step 4: Frequent Security Testing 57</b></p> <p>What is Security Testing? 58</p> <p>Security Testing Types 58</p> <p>Security Audits 58</p> <p>Vulnerability Assessments Versus Penetration Testing 59</p> <p>Red Team Testing 61</p> <p>Bug Bounty Programs 61</p> <p>What’s Security Maturity? 
63</p> <p>The Basics of Security Audits and Vulnerability Assessments 64</p> <p>Log Early, Log Often 66</p> <p>Prepare for Vulnerability Assessments and Security Audits 67</p> <p>A Concise Guide to Penetration Testing 69</p> <p>Penetration Testing Based on Network Knowledge 70</p> <p>Penetration Testing Based on Network Aspects 73</p> <p>Security Leaders on Security Maturity 76</p> <p>Security Testing is Crucial 78</p> <p><b>Chapter 5: </b><b>Step 5: Security Framework Application 79</b></p> <p>What is Incident Response? 80</p> <p>Preparation 80</p> <p>Identification or Analysis 82</p> <p>Containment, Mitigation, or Eradication 83</p> <p>Recovery 84</p> <p>Post-incident 86</p> <p>Your Computer Security Incident Response Team 86</p> <p>Cybersecurity Frameworks 89</p> <p>NIST Cybersecurity Framework 89</p> <p>Identify 90</p> <p>Protect 92</p> <p>Detect 95</p> <p>Respond 97</p> <p>Recover 99</p> <p>ISO 27000 Cybersecurity Frameworks 101</p> <p>CIS Controls 102</p> <p>COBIT Cybersecurity Framework 105</p> <p>Security Frameworks and Cloud Security 106</p> <p><b>Chapter 6: </b><b>Step 6: Control Your Data Assets 109</b></p> <p>The CIA Triad 110</p> <p>Access Control 112</p> <p>Patch Management 113</p> <p>Physical Security and Your Data 115</p> <p>Malware 116</p> <p>Cryptography Basics 119</p> <p>Bring Your Own Device and Working from Home 123</p> <p>Data Loss Prevention 124</p> <p>Managed Service Providers 126</p> <p>The Dark Web and Your Data 128</p> <p>Security Leaders on Cyber Defense 130</p> <p>Control Your Data 132</p> <p><b>Chapter 7: </b><b>Step 7: Understand the Human Factor 133</b></p> <p>Social Engineering 134</p> <p>Phishing 139</p> <p>What Can NFTs and ABA Teach Us About Social Engineering? 
141</p> <p>How to Prevent Social Engineering Attacks on Your Business 146</p> <p>UI and UX Design 147</p> <p>Internal Threats 148</p> <p>Hacktivism 152</p> <p><b>Chapter 8: </b><b>Step 8: Build Redundancy and Resilience 155</b></p> <p>Understanding Data and Networks 156</p> <p>Building Capacity and Scalability with the Power of the Cloud 158</p> <p>Back It Up, Back It Up, Back It Up 161</p> <p>RAID 162</p> <p>What Ransomware Taught Business About Backups 164</p> <p>Business Continuity 167</p> <p>Disaster Recovery 168</p> <p><b>Chapter 9: </b><b>Afterword 173</b></p> <p><b>Step 1 173</b></p> <p>The Most Notorious Cyberattacker Was Actually a Con Man 174</p> <p>A Strong Security Culture Requires All Hands on Deck 174</p> <p>Hackers Are the Good Guys, Actually 174</p> <p>What Is Security Culture? 175</p> <p>What Makes a Good CISO? 175</p> <p>The Psychological Phases of a Cybersecurity Professional 176</p> <p>Recommended Readings 177</p> <p><b>Step 2 178</b></p> <p>Tackling the Cybersecurity Skills Gap Myth 178</p> <p>Take “Culture Fit” Out of Your Vocabulary 179</p> <p>Your Cybersecurity Budget 180</p> <p>Recommended Readings 180</p> <p><b>Step 3 181</b></p> <p>Data Breaches 181</p> <p>Data Privacy Regulations 182</p> <p>Risk Management 183</p> <p>Recommended Readings 183</p> <p><b>Step 4 184</b></p> <p>Security Audits 184</p> <p>Vulnerability Assessments 185</p> <p>Penetration Testing 185</p> <p>Bug Bounty Programs 185</p> <p>Recommended Reading 186</p> <p><b>Step 5 187</b></p> <p>Incident Response 187</p> <p>Cybersecurity Frameworks 187</p> <p>Recommended Reading 188</p> <p><b>Step 6 188</b></p> <p>The CIA Triad 188</p> <p>Access Control 189</p> <p>Patch Management 189</p> <p>Physical Security 189</p> <p>Malware 189</p> <p>Cryptography 190</p> <p>BYOD and Working from Home 190</p> <p>Data Loss Prevention 191</p> <p>Managed Service Providers 191</p> <p>Recommended Reading 191</p> <p><b>Step 7 192</b></p> <p>Social Engineering 192</p> <p>UI and UX Design 193</p> 
<p>Internal Threats 193</p> <p>Recommended Readings 194</p> <p><b>Step 8 194</b></p> <p>Cloud Networks 195</p> <p>Data Backups 195</p> <p>Business Continuity and Disaster Recovery 196</p> <p>Recommended Readings 196</p> <p>Keeping Your Business Cyber Secure 197</p> <p>Index 199</p>
<p><b>KIM CRAWLEY</b> focuses on researching and writing about cybersecurity issues. Her career has included work with Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. She specializes in all matters red team, blue team, and purple team and is especially fascinated by malware, social engineering, and advanced persistent threats. She runs an online cybersecurity event called DisInfoSec.</p>
<p><b>Prepare your organization for the modern cybersecurity threat environment</b></p> <p>In <i>8 Steps to Better Security: A Simple Cyber Resilience Guide for Business,</i> cybersecurity researcher and threat expert Kim Crawley walks you through the practical steps you'll need to carry out to properly prepare your company for modern cybersecurity threats. Accessible to technical and non-technical professionals alike, the book offers the cybersecurity insights gained by the author during her long career with companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi.</p> <p>Distilling her extensive expertise into 8 simple steps, Crawley explains exactly what you need to do to harden your computers and networks against external and internal threats. From fostering a strong security culture to building a security team, ensuring regulatory compliance, and engaging in regular security testing, you'll learn how to efficiently manage and secure your data in a way that makes sense for your business.</p> <p>Perfect for CISOs, non-technical business professionals, cybersecurity and IT personnel, and business leaders of all sorts, <i>8 Steps to Better Security: A Simple Cyber Resilience Guide for Business</i> is the hands-on roadmap you need to translate the latest IT and security best practices into actionable strategies your company can implement immediately.</p> <p><b>This important book includes information explaining how to:</b></p> <ul> <li>Build redundance and resilience into your processes and networks</li> <li>Phish-proof your organization and train your people to be aware of external threats</li> <li>Manage and control your data assets to protect your IP and sensitive data</li> <li>Develop a security framework on which you can build your security policies</li> <li>Understand the NIST, ISO 27000, CIS, and COBIT Cybersecurity Frameworks</li> </ul>
