book

Cybersecurity Threats, Malware Trends, and Strategies

by Tim Rains

May 2020

Beginner to intermediate

428 pages

11h 31m

English

Packt Publishing

Read now

Unlock full access

Who this book is for?What this book coversTo get the most out of this bookConventions usedGet in touch
What is a cybersecurity strategy?How organizations get initially compromised and the cybersecurity fundamentalsUnpatched vulnerabilitiesSecurity misconfigurationsWeak, leaked, and stolen credentialsSocial engineeringInsider threatsFocus on the cybersecurity fundamentalsUnderstanding the difference between the attacker's motivations and tacticsOther ingredients for a successful strategyBusiness objective alignmentCybersecurity vision, mission, and imperativesSenior executive and board supportUnderstand the risk appetiteRealistic view of current cybersecurity capabilities and technical talentCompliance program and control framework alignmentAn effective relationship between cybersecurity and ITSecurity cultureChapter summaryReferences
IntroductionVulnerability Management PrimerVulnerability Disclosure Data SourcesIndustry Vulnerability Disclosure TrendsReducing Risk and Costs – Measuring Vendor and Product ImprovementOracle Vulnerability TrendsApple Vulnerability TrendsIBM Vulnerability TrendsGoogle Vulnerability TrendsMicrosoft Vulnerability TrendsVendor Vulnerability Trend SummaryOperating System Vulnerability TrendsMicrosoft Operating System Vulnerability TrendsWindows XP Vulnerability TrendsWindows 7 Vulnerability TrendsWindows Server 2012 and 2016 Vulnerability TrendsWindows 10 Vulnerability TrendsLinux Kernel Vulnerability TrendsGoogle Android Vulnerability TrendsApple macOS Vulnerability TrendsOperating Systems Vulnerability Trend SummaryWeb Browser Vulnerability TrendsInternet Explorer Vulnerability TrendsMicrosoft Edge Vulnerability TrendsGoogle Chrome Vulnerability TrendsMozilla Firefox Vulnerability TrendsApple Safari Vulnerability TrendsWeb Browser Vulnerability Trend SummaryVulnerability Management GuidanceChapter summaryReferences
IntroductionWhy is there so much malware on Windows compared to other platforms?Data sourcesThe Malicious Software Removal ToolReal-time anti-malware toolsNon-security data sourcesAbout malwareHow malware infections spreadTrojansPotentially unwanted softwareExploits and exploit kitsWormsRansomwareVirusesBrowser modifiersMeasuring malware prevalenceGlobal Windows malware infection analysisRegional Windows malware infection analysisThe long-term view of the threat landscape in the Middle East and Northern Africa10-year regional report card for the Middle East and Northern AfricaThe long-term view of the threat landscape in the European Union and Eastern Europe10-year regional report card for the European Union10-year regional report card for select Eastern European locationsThe long-term view of the threat landscape in select locations in Asia10-year regional report card for AsiaThe long-term view of the threat landscape in select locations in the Americas10-year regional report card for the AmericasRegional Windows malware infection analysis conclusionsWhat does this all mean for CISOs and enterprise security teams?Global malware evolutionGlobal malware evolution conclusionsThe great debate – are anti-malware solutions really worthwhile?Threat intelligence best practices and tipsTip #1 – data sourcesTip #2 – time periodsTip #3 – recognizing hypeTip #4 – predictions about the futureTip #5 – vendors' motivesChapter summaryReferences
IntroductionA typical attackPhishing attacksMitigating phishingDrive-by download attacksMitigating drive-by download attacksMalware hosting sitesMitigating malware distributionPost compromise – botnets and DDoS attacksChapter summaryReferences
IntroductionMeasuring the efficacy of cybersecurity strategiesCybersecurity strategiesProtect and Recover StrategyCybersecurity fundamentals scoring system scoreProtect and Recover Strategy summaryEndpoint Protection StrategyCybersecurity fundamentals scoring system scoreEndpoint Protection Strategy summaryPhysical Control and Security Clearances as a Security StrategyCybersecurity fundamentals scoring system scorePhysical Control and Security Clearances Strategy summaryCompliance as a Security StrategyCybersecurity fundamentals scoring system scoreCompliance as a Security Strategy summaryApplication-Centric StrategyCybersecurity fundamentals scoring system scoreApplication-Centric Strategy summaryIdentity-Centric StrategyCybersecurity fundamentals scoring system scoreIdentity-Centric Strategy summaryData-Centric StrategyCybersecurity fundamentals scoring system scoreData-Centric Strategy summaryAttack-Centric StrategyCybersecurity fundamentals scoring system scoreAttack-Centric Strategy summaryCybersecurity strategies summaryDevOps and DevSecOpsZero TrustChapter summaryReferences
IntroductionWhat is an Intrusion Kill Chain?Modernizing the kill chainMapping the cybersecurity usual suspectsUpdating the matrixGetting startedMaturity of current cybersecurity capabilitiesWho consumes the data?Cybersecurity license renewalsImplementing this strategyRationalizing the matrix – gaps, under-investments, and over-investmentsPlanning your implementationDesigning control setsAttack phase – Reconnaissance IAttack phase – DeliveryAttack phase – ExploitationAttack phase – InstallationAttack phase – Command and Control (C2)Attack phase – Reconnaissance IIAttack phase – Actions on ObjectivesConclusionChapter summaryReferences
IntroductionUsing vulnerability management dataAssets under management versus total assetsKnown unpatched vulnerabilitiesUnpatched vulnerabilities by severityVulnerabilities by product typeMeasuring performance and efficacy of an Attack-Centric StrategyPerforming intrusion reconstructionsUsing intrusion reconstruction resultsIdentifying lame controlsLearning from failureIdentifying helpful vendorsInforming internal assessmentsChapter summaryReferences
IntroductionHow is cloud computing different?Security and compliance game changersThe power of APIsThe advantages of automationMitigating insider threat and social engineeringMitigating unpatched vulnerabilitiesMitigating security misconfigurationsMitigating weak, leaked and stolen passwordsSecurity and compliance game changers – summaryUsing cybersecurity strategies in the cloudUsing the protect and recover strategy in the cloudCompliance as a cybersecurity strategy in the cloudUsing the Attack-Centric Strategy in the cloudDevOps – A modern approach to security in the cloudEncryption and key managementConclusionChapter summaryReferences

Overview

Cybersecurity Threats, Malware Trends, and Strategies provides a comprehensive view of modern threats to digital systems and lays out effective strategies to manage these challenges. Drawing on twenty years of real-world data and insights, this book enables you to develop practical security approaches to protect against exploits, malware, and social engineering attacks.

What this Book will help me do

Understand the trends and motivations behind malware and cyber threats over the past two decades.
Learn how to evaluate and enhance your organization's current cybersecurity measures.
Develop effective strategies to mitigate phishing, malware infections, and other prominent threats.
Gain insights into implementing and measuring the effectiveness of cybersecurity strategies.
Explore how cloud solutions can enhance security against present and emerging threats.

Author(s)

Tim Rains, the author, brings a wealth of experience through his role as Microsoft's former Global Chief Security Advisor. His deep understanding of cybersecurity trends and enterprise defenses has made him a renowned expert in the field. Using a clear and practical approach, Tim shares invaluable insights into tackling modern security challenges for organizations.

Who is it for?

This book is ideal for security professionals, organizational leaders, compliance officers, and anyone working to enhance their organization's cybersecurity defenses. If you're responsible for protecting digital assets or learning to strategize against ever-evolving threats, or if you're stepping into the cybersecurity domain and seek foundational yet actionable insights, this book is for you.