Book description
Implement effective cybersecurity strategies to help you and your security team protect, detect, and respond to modern-day threats Purchase of the print or Kindle book includes a free eBook in PDF format.
Key Features
- Protect your organization from cybersecurity threats with field-tested strategies
- Understand threats such as exploits, malware, internet-based threats, and governments
- Measure the effectiveness of your organization's current cybersecurity program against modern attackers’ tactics
Book Description
Tim Rains is Microsoft's former Global Chief Security Advisor and Amazon Web Services’ former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations all over the world on cybersecurity strategies.
Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs, and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you’ll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You’ll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud.
By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization's cybersecurity strategy.
What you will learn
- Discover enterprise cybersecurity strategies and the ingredients critical to their success
- Improve vulnerability management by reducing risks and costs for your organization
- Mitigate internet-based threats such as drive-by download attacks and malware distribution sites
- Learn the roles that governments play in cybersecurity and how to mitigate government access to data
- Weigh the pros and cons of popular cybersecurity strategies such as Zero Trust, the Intrusion Kill Chain, and others
- Implement and then measure the outcome of a cybersecurity strategy
- Discover how the cloud can provide better security and compliance capabilities than on-premises IT environments
Who this book is for
This book is for anyone who is looking to implement or improve their organization's cybersecurity strategy. This includes Chief Information Security Officers (CISOs), Chief Security Officers (CSOs), compliance and audit professionals, security architects, and cybersecurity professionals. Basic knowledge of Information Technology (IT), software development principles, and cybersecurity concepts is assumed.
Table of contents
- Preface
- Introduction
- What to Know about Threat Intelligence
-
Using Vulnerability Trends to Reduce Risk and Costs
- Introduction
- Vulnerability Management Primer
- Vulnerability Disclosure Data Sources
-
Industry Vulnerability Disclosure Trends
- Vendor and Product Vulnerability Trends
- Reducing Risk and Costs – Measuring Vendor and Product Improvement
-
Operating System Vulnerability Trends
- Google Android Vulnerability Trends
- Apple iOS Vulnerability Trends
- Mobile Operating System Summary
- Microsoft Windows 10 Vulnerability Trends
- Apple macOS Vulnerability Trends
- Desktop Operating System Summary
- Ubuntu Linux Vulnerability Trends
- Linux Kernel Vulnerability Trends
- Microsoft Windows Server 2016 Vulnerability Trends
- Server Operating System Summary
- Web Browser Vulnerability Trends
- Vulnerability Improvement Framework Summary
- Vulnerability Management Guidance
- Summary
- References
-
The Evolution of Malware
- Introduction
- Why is there so much malware on Windows compared to other platforms?
- Data sources
- About malware
- Global Windows malware infection analysis
-
Regional Windows malware infection analysis
- The threat landscape in the Middle East and Northern Africa
- The threat landscape in the European Union and Eastern Europe
- The threat landscape in select locations in Asia and Oceania
- The threat landscape in select locations in the Americas
- Regional Windows malware infection analysis conclusions
- What does this all mean for CISOs and enterprise security teams?
- Global malware evolution
- The evolution of ransomware
- The great debate – are anti-malware solutions really worthwhile?
- Summary
- References
- Internet-Based Threats
- The Roles Governments Play in Cybersecurity
- Government Access to Data
-
Ingredients for a Successful Cybersecurity Strategy
- What is a cybersecurity strategy?
-
Other ingredients for a successful strategy
- Business objective alignment
- Cybersecurity vision, mission, and imperatives
- Senior executive and board support
- Understand the risk appetite
- Realistic view of current cybersecurity capabilities and technical talent
- Compliance program and control framework alignment
- An effective relationship between cybersecurity and IT
- Security culture
- Summary
- References
-
Cybersecurity Strategies
- Introduction
- Measuring the efficacy of cybersecurity strategies
- Cybersecurity strategies
- Protect and Recover Strategy
- Endpoint Protection Strategy
- Physical control and security clearances as a security strategy
- Compliance as a Security Strategy
- Application-Centric Strategy
- Identity-Centric Strategy
- Data-Centric Strategy
- Attack-Centric Strategy
- Zero Trust
- Cybersecurity strategies summary
- DevOps and DevSecOps
- Summary
- References
-
Strategy Implementation
- Introduction
- What is an Intrusion Kill Chain?
- Modernizing the Kill Chain
- Getting started
- Implementing this strategy
- Designing control sets
- Conclusion
- Summary
- References
- Measuring Performance and Effectiveness
- Modern Approaches to Security and Compliance
- Other Books You May Enjoy
- Index
Product information
- Title: Cybersecurity Threats, Malware Trends, and Strategies - Second Edition
- Author(s):
- Release date: January 2023
- Publisher(s): Packt Publishing
- ISBN: 9781804613672
You might also like
book
Cybersecurity Threats, Malware Trends, and Strategies
A comprehensive guide for cybersecurity professionals to acquire unique insights on the evolution of the threat …
book
Cybersecurity – Attack and Defense Strategies - Second Edition
Updated and revised edition of the bestselling guide to developing defense strategies against the latest threats …
book
Cybersecurity - Attack and Defense Strategies
Key Features Gain a clear understanding of the attack methods, and patterns to recognize abnormal behavior …
book
Cybersecurity - Attack and Defense Strategies
Updated edition of the bestselling guide for planning attack and defense strategies based on the current …