Details

<p>Who We Are xxi</p> <p><b>Introduction 1</b></p> <p>Who Is This Book For?</p> <p>What the Book Covers</p> <p>Writing Conventions</p> <p>Road Map</p> <p><b>1 First Principles 9</b></p> <p>Overview</p> <p>What Are First Principles?</p> <p>What Is the Atomic Cybersecurity First Principle?</p> <p>Conclusion</p> <p><b>2 Strategies 41</b></p> <p>Overview</p> <p>Strategies vs. Tactics</p> <p>What Are the Essential Strategies Required for a First</p> <p>Principle Infosec Program?</p> <p>Zero Trust Strategy Overview-</p> <p>Intrusion Kill Chain Prevention Strategy Overview</p> <p>Resilience Strategy Overview</p> <p>Risk Forecasting Strategy Overview</p> <p>Automation Strategy Overview</p> <p>Conclusion</p> <p><b>3 Zero Trust 57</b></p> <p>Overview</p> <p>The Use Case for Zero Trust: Edward Snowden</p> <p>Zero Trust: Overhyped in the Market but.</p> <p>Cyber Hygiene, Defense in Depth, and Perimeter Defense:</p> <p>Zero Trust Before We Had Zero Trust</p> <p>Zero Trust Is Born</p> <p>Zero Trust Is a Philosophy, Not a Product</p> <p>Meat- and- Potatoes Zero Trust</p> <p>Logical and Micro Segmentation</p> <p>Vulnerability Management: A Zero Trust Tactic</p> <p>Software Bill of Materials: A Zero Trust Tactic</p> <p>Identity Management: A Tactic for Zero Trust</p> <p>Single Sign- On: A Zero Trust Tactic</p> <p>Two- Factor Authentication: A Tactic for Zero Trust</p> <p>Software- Defined Perimeter: A Tactic for Zero Trust</p> <p>Why Zero Trust Projects Fail</p> <p>Conclusion</p> <p><b>4 Intrusion Kill Chain Prevention 121</b></p> <p>Overview</p> <p>The Beginnings of a New Idea</p> <p>The Lockheed Martin Kill Chain Paper</p> <p>Kill Chain Models</p> <p>Cyber Threat Intelligence Operations as a Journey</p> <p>Red/Blue/Purple Team Operations: A Tactic for Intrusion</p> <p>Kill Chain Prevention</p> <p>Intelligence Sharing: A Tactic for Intrusion Kill Chain</p> <p>Prevention</p> <p>Conclusion</p> <p><b>5 Resilience 203</b></p> <p>Overview</p> <p>What Is Resilience?</p> <p>Crisis Handling: A Tactic for Resilience</p> <p>Backups: A Tactic for Resilience</p> <p>Encryption: A Tactic for Resilience</p> <p>Incident Response: A Tactic for Resilience</p> <p>Conclusion</p> <p><b>6 Risk Forecasting 255</b></p> <p>Overview</p> <p>Superforecasting, Fermi Estimates, and Black Swans</p> <p>Bayes Rule: A Different Way to Think About</p> <p>Cybersecurity Risk</p> <p>Risk Forecasting with the Bayes Rule: A Practical</p> <p>Example</p> <p>Conclusion</p> <p><b>7 Automation 307</b></p> <p>Overview</p> <p>Why Security Automation Is Essential</p> <p>Early History of Software Development Philosophies</p> <p>DevSecOps: An Essential Tactic for Automation</p> <p>Compliance: A First Principle Tactic That Cuts Across</p> <p>All Strategies</p> <p>Chaos Engineering for Automation and Resilience</p> <p>Conclusion</p> <p><b>8 Summation 341</b></p> <p>Overview</p> <p>Zero Trust</p> <p>Conclusion</p> <p>Index 351</p>

<p><B>RICK HOWARD</B> is the Chief Analyst and Senior Fellow at The CyberWire, the world’s largest cybersecurity podcast network, and the CSO of N2K (The CyberWire’s parent company). He’s been a CSO for Palo Alto Networks, TASC, and a former Commander for the U.S. Army’s Computer Emergency Response Team. He helped found the Cyber Threat Alliance (an ISAO for security vendors) and the Cybersecurity Canon Project (a Rock & Roll Hall of Fame for cybersecurity books).

<p>“I often tell individuals just starting in cyber that if they want to understand what is going on, go listen to Rick.”<br> <b>— Mark McLaughlin,</b> Former President, CEO and Chairman of the Board, Palo Alto Networks <p>“Rick Howard has been at the forefront of cybersecurity since it existed as a profession. In <i>Cybersecurity First Principles,</i> he not only educates but also entertains; something only the truly accomplished can achieve.” <br> <b>— Jack Freund,</b> Co-Author of “<i>Measuring and Managing Information Risk: A Fair Approach</i>” <p>“Strategic thinking is critical to our success in securing our organizations. This book is an invaluable roadmap for how to approach cybersecurity strategically by an absolute legend in our industry.” <br> <b>— George Finney,</b> author of “<i>Project Zero Trust: A Story about a Strategy for Aligning Security and the Business</i>” <p>Since the 1970s, infosec practitioners have been incrementally improving the overall security landscape without ever taking a moment to consider if they were going in the right strategic direction in the first place. The author makes the case that they weren’t. The general direction wasn’t wrong per se, but the thought leaders in the space never got to the root of the problem. Retracing the footsteps of scientific thought leaders like Descartes and Elon Musk, this book makes the case for the ultimate cybersecurity first principle and outlines the strategies and tactics necessary to pursue it. <p>A reboot of infosec strategy and tactics, this book explains: <ul><li>Why a first principle approach is necessary</li> <li> Five strategies that emerge because of it: Zero Trust, Intrusion Kill Chain Prevention, Resilience, Automation and Risk Forecasting</li> <li>Hands-on tactics to achieve each strategy</li></ul>

US