The Cybersecurity Manager's Guide

by Todd Barnum
March 2021
Beginner
176 pages
4h 54m
English
O'Reilly Media, Inc.
Content preview from The Cybersecurity Manager's Guide

Chapter 2. The Science of Our Business: The Eight Domains

I grew up during the time period when the security landscape was covered by the 10 domains. I’ve chosen to discuss our industry in terms of these domains (although now there are only eight) as opposed to one of the industry’s well-known frameworks because the two are fundamentally different models. The eight domains by and large discuss the theory and science of our field. The many industry frameworks—including those from the National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), Cloud Security Alliance (CSA), and Center for Internet Security (CIS)—discuss the numerous security controls to be implemented to protect systems and data. The eight domains provide a discussion on the content of the science of InfoSec.

My intent in this book is not to rehash the content of the eight domains, but to merely highlight those sections that I believe you’ll want to focus on when building an InfoSec program. Not all domains are of equal importance when you follow my seven-step process. Knowing which ones to focus on will help you build your program.

As a refresher, the eight domains of InfoSec are as follows:

  1. Security and Risk Management

  2. Asset Security

  3. Security Engineering and Architecture

  4. Communications and Network Security

  5. Identity and Access Management

  6. Security Assessment and Testing

  7. Security Operations

  8. Software Development Security

Why Am I Commenting on the ...

ISBN: 9781492076209