Cybersecurity Threats, Malware Trends, and Strategies

Cybersecurity Threats, Malware Trends, and Strategies

by Tim Rains
Released May 2020
Publisher(s): Packt Publishing
ISBN: 9781800206014

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

A comprehensive guide for cybersecurity professionals to acquire unique insights on the evolution of the threat landscape and how you can address modern cybersecurity challenges in your organisation

Key Features

  • Protect your organization from cybersecurity threats with field-tested strategies
  • Discover the most common ways enterprises initially get compromised
  • Measure the effectiveness of your organization’s current cybersecurity program against cyber attacks

Book Description

After scrutinizing numerous cybersecurity strategies, Microsoft’s former Global Chief Security Advisor in this book helps you understand the efficacy of popular cybersecurity strategies and more.

Cybersecurity Threats, Malware Trends, and Strategies offers an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.

The book will provide you with an evaluation of the various cybersecurity strategies that have ultimately failed over the past twenty years, along with one or two that have actually worked. It will help executives and security and compliance professionals understand how cloud computing is a game changer for them.

By the end of this book, you will know how to measure the effectiveness of your organization’s cybersecurity strategy and the efficacy of the vendors you employ to help you protect your organization and yourself.

What you will learn

  • Discover cybersecurity strategies and the ingredients critical to their success
  • Improve vulnerability management by reducing risks and costs for your organization
  • Learn how malware and other threats have evolved over the past decade
  • Mitigate internet-based threats, phishing attacks, and malware distribution sites
  • Weigh the pros and cons of popular cybersecurity strategies of the past two decades
  • Implement and then measure the outcome of a cybersecurity strategy
  • Learn how the cloud provides better security capabilities than on-premises IT environments

Who this book is for

This book is designed to benefit engineers, leaders, or any professional with either a responsibility for cyber security within their organization, or an interest in working in this ever-growing field.

Table of contents

  1. Preface
    1. Who this book is for?
    2. What this book covers
    3. To get the most out of this book
    4. Conventions used
    5. Get in touch
  2. Ingredients for a Successful Cybersecurity Strategy
    1. What is a cybersecurity strategy?
    2. How organizations get initially compromised and the cybersecurity fundamentals
      1. Unpatched vulnerabilities
      2. Security misconfigurations
      3. Weak, leaked, and stolen credentials
      4. Social engineering
      5. Insider threats
      6. Focus on the cybersecurity fundamentals
    3. Understanding the difference between the attacker's motivations and tactics
    4. Other ingredients for a successful strategy
      1. Business objective alignment
      2. Cybersecurity vision, mission, and imperatives
      3. Senior executive and board support
      4. Understand the risk appetite
      5. Realistic view of current cybersecurity capabilities and technical talent
      6. Compliance program and control framework alignment
      7. An effective relationship between cybersecurity and IT
      8. Security culture
    5. Chapter summary
    6. References
  3. Using Vulnerability Trends to Reduce Risk and Costs
    1. Introduction
    2. Vulnerability Management Primer
      1. Vulnerability Disclosure Data Sources
      2. Industry Vulnerability Disclosure Trends
      3. Reducing Risk and Costs – Measuring Vendor and Product Improvement
        1. Oracle Vulnerability Trends
        2. Apple Vulnerability Trends
        3. IBM Vulnerability Trends
        4. Google Vulnerability Trends
        5. Microsoft Vulnerability Trends
        6. Vendor Vulnerability Trend Summary
      4. Operating System Vulnerability Trends
        1. Microsoft Operating System Vulnerability Trends
        2. Windows XP Vulnerability Trends
        3. Windows 7 Vulnerability Trends
        4. Windows Server 2012 and 2016 Vulnerability Trends
        5. Windows 10 Vulnerability Trends
        6. Linux Kernel Vulnerability Trends
        7. Google Android Vulnerability Trends
        8. Apple macOS Vulnerability Trends
        9. Operating Systems Vulnerability Trend Summary
      5. Web Browser Vulnerability Trends
        1. Internet Explorer Vulnerability Trends
        2. Microsoft Edge Vulnerability Trends
        3. Google Chrome Vulnerability Trends
        4. Mozilla Firefox Vulnerability Trends
        5. Apple Safari Vulnerability Trends
        6. Web Browser Vulnerability Trend Summary
      6. Vulnerability Management Guidance
    3. Chapter summary
    4. References
  4. The Evolution of the Threat Landscape – Malware
    1. Introduction
    2. Why is there so much malware on Windows compared to other platforms?
    3. Data sources
      1. The Malicious Software Removal Tool
      2. Real-time anti-malware tools
      3. Non-security data sources
    4. About malware
      1. How malware infections spread
      2. Trojans
      3. Potentially unwanted software
      4. Exploits and exploit kits
      5. Worms
      6. Ransomware
      7. Viruses
      8. Browser modifiers
      9. Measuring malware prevalence
    5. Global Windows malware infection analysis
    6. Regional Windows malware infection analysis
      1. The long-term view of the threat landscape in the Middle East and Northern Africa
        1. 10-year regional report card for the Middle East and Northern Africa
      2. The long-term view of the threat landscape in the European Union and Eastern Europe
        1. 10-year regional report card for the European Union
        2. 10-year regional report card for select Eastern European locations
      3. The long-term view of the threat landscape in select locations in Asia
        1. 10-year regional report card for Asia
      4. The long-term view of the threat landscape in select locations in the Americas
        1. 10-year regional report card for the Americas
      5. Regional Windows malware infection analysis conclusions
        1. What does this all mean for CISOs and enterprise security teams?
    7. Global malware evolution
      1. Global malware evolution conclusions
    8. The great debate – are anti-malware solutions really worthwhile?
    9. Threat intelligence best practices and tips
      1. Tip #1 – data sources
      2. Tip #2 – time periods
      3. Tip #3 – recognizing hype
      4. Tip #4 – predictions about the future
      5. Tip #5 – vendors' motives
    10. Chapter summary
    11. References
  5. Internet-Based Threats
    1. Introduction
    2. A typical attack
    3. Phishing attacks
      1. Mitigating phishing
    4. Drive-by download attacks
      1. Mitigating drive-by download attacks
    5. Malware hosting sites
      1. Mitigating malware distribution
    6. Post compromise – botnets and DDoS attacks
    7. Chapter summary
    8. References
  6. Cybersecurity Strategies
    1. Introduction
    2. Measuring the efficacy of cybersecurity strategies
    3. Cybersecurity strategies
      1. Protect and Recover Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Protect and Recover Strategy summary
      2. Endpoint Protection Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Endpoint Protection Strategy summary
      3. Physical Control and Security Clearances as a Security Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Physical Control and Security Clearances Strategy summary
      4. Compliance as a Security Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Compliance as a Security Strategy summary
      5. Application-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Application-Centric Strategy summary
      6. Identity-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Identity-Centric Strategy summary
      7. Data-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Data-Centric Strategy summary
      8. Attack-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Attack-Centric Strategy summary
      9. Cybersecurity strategies summary
      10. DevOps and DevSecOps
      11. Zero Trust
    4. Chapter summary
    5. References
  7. Strategy Implementation
    1. Introduction
    2. What is an Intrusion Kill Chain?
    3. Modernizing the kill chain
      1. Mapping the cybersecurity usual suspects
      2. Updating the matrix
    4. Getting started
      1. Maturity of current cybersecurity capabilities
      2. Who consumes the data?
      3. Cybersecurity license renewals
    5. Implementing this strategy
      1. Rationalizing the matrix – gaps, under-investments, and over-investments
      2. Planning your implementation
      3. Designing control sets
        1. Attack phase – Reconnaissance I
        2. Attack phase – Delivery
        3. Attack phase – Exploitation
        4. Attack phase – Installation
        5. Attack phase – Command and Control (C2)
        6. Attack phase – Reconnaissance II
        7. Attack phase – Actions on Objectives
    6. Conclusion
    7. Chapter summary
    8. References
  8. Measuring Performance and Effectiveness
    1. Introduction
    2. Using vulnerability management data
      1. Assets under management versus total assets
      2. Known unpatched vulnerabilities
      3. Unpatched vulnerabilities by severity
      4. Vulnerabilities by product type
    3. Measuring performance and efficacy of an Attack-Centric Strategy
      1. Performing intrusion reconstructions
      2. Using intrusion reconstruction results
        1. Identifying lame controls
        2. Learning from failure
        3. Identifying helpful vendors
        4. Informing internal assessments
    4. Chapter summary
    5. References
  9. The Cloud – A Modern Approach to Security and Compliance
    1. Introduction
    2. How is cloud computing different?
    3. Security and compliance game changers
      1. The power of APIs
      2. The advantages of automation
        1. Mitigating insider threat and social engineering
        2. Mitigating unpatched vulnerabilities
        3. Mitigating security misconfigurations
        4. Mitigating weak, leaked and stolen passwords
      3. Security and compliance game changers – summary
    4. Using cybersecurity strategies in the cloud
      1. Using the protect and recover strategy in the cloud
      2. Compliance as a cybersecurity strategy in the cloud
      3. Using the Attack-Centric Strategy in the cloud
      4. DevOps – A modern approach to security in the cloud
    5. Encryption and key management
    6. Conclusion
    7. Chapter summary
    8. References
  10. Other Books You May Enjoy
  11. Index

Product information

  • Title: Cybersecurity Threats, Malware Trends, and Strategies
  • Author(s): Tim Rains
  • Release date: May 2020
  • Publisher(s): Packt Publishing
  • ISBN: 9781800206014