May 2023
Intermediate to advanced
43 pages
1h
English
Overview
The business world faces an interesting paradox: although companies spend more money than ever on security solutions and protective technologies, breaches and other attacks continue to escalate. This raises the question: are we, as an industry, doing something wrong? With the increase in targeted cyberattacks, rising risk levels, and high-impact consequences, it's more important than ever to be able to answer that question.
In this report, Christopher Frenz and Jonathan Reiber show CISOs, security directors, and security managers how to transform security from an artform to a science, with evidence-based solutions leading the way. You'll learn how to operationalize the MITRE ATT&CK framework and enable your team to produce actionable results and meaningful metrics, and measurably improve your security posture.
With this report, you'll learn:
- Why more security doesn't always provide more protection, and why compliance alone cannot guarantee security
- Ways to justify security spend through proven results
- How to use an evidence-based security framework, mapping TTPs with the MITRE ATT&CK knowledge base
- The advantages of automating breach and attack simulations, especially as a tool for continuous validation
- Evidence-based security metrics that matter, including actionable KPIs for different stakeholders in your organization
About the authors:
Christopher Frenz is the associate vice president of IT security for Mount Sinai South Nassau.
Jonathan Reiber is vice president for cybersecurity strategy and policy at the cybersecurity startup AttackIQ.
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.