The CISO’s Next Frontier
Springer International Publishing (Verlag)
978-3-030-75356-6 (ISBN)
The opening chapters describe the power and danger of quantum computing, proposing two solutions for protection from probable quantum computer attacks: the tactical enhancement of existing algorithms to make them quantum-resistant, and the strategic implementation of quantum-safe algorithms and cryptosystems. The following chapters make the case for using supervised and unsupervised AI/ML to develop predictive, prescriptive, cognitive and auto-reactive threat detection, mitigation, and remediation capabilities against advanced attacks perpetrated by sophisticated threat actors, APT and polymorphic/metamorphic malware.
CISOs must be concerned about current on-going sophisticated cyber-attacks, and can address them with advanced security measures. The latter half of this book discusses some current sophisticated cyber-attacks and available protective measures enabled by the advancement of cybersecurity capabilities in various IT domains. Chapters 6-10 discuss secure remote work; chapters 11-17, advanced data security paradigms; chapters 18-28, Network Security; chapters 29-35, application and device security; chapters 36-39, Cloud security; and chapters 40-46 organizational cyber risk measurementand event probability.
Security and IT engineers, administrators and developers, CIOs, CTOs, CISOs, and CFOs will want to purchase this book. Risk personnel, CROs, IT and Security Auditors as well as security researchers and journalists will also find this useful.
Raj Badhwar has 25+ years of experience within the Cybersecurity and IT industry. He is currently the CISO for Voya Financial, and has previously held senior Security and IT leadership roles at AIG, BAE Systems Inc., Bank of America, Time Warner Cable, AOL Time Warner, and Sprint. Raj is a currently a director and secretary of the board of the National Technology Security Coalition (NTSC). He also serves on the cybersecurity advisory boards of Pace University, Rutgers University, and Ithaca College; the customer advisory board for Venafi; and the CISO advisory council for Infosys. Raj is a certified information systems security professional (CISSP), a certified ethical hacker (CEH), and a FINRA licensed securities professional (Series 99). He has co-authored 14 security patents, and has written and presented in the areas of advanced encryption, post-quantum cryptography, zero trust networks, cloud security pat-terns, and secure remote work paradigms. He has also been inter-viewed as a cybersecurity subject matter expert by WSJ. Raj is proficient in three languages, and conversant in another three languages. Raj graduated from George Washington University (GWU) with an MS in Information Systems Technology and also holds a BS in Electrical and Electronics engineering from Karnatak University. Raj is an alumnus of St Francis College, Lucknow.
Are you ready for Quantum computing?.- The need for post-quantum cryptography.- Quantum Encryption is not a Paradox.- AI Code of Ethics for Cybersecurity.- The Case of AI/ML in Cybersecurity.- Security for Work-From-Home Technologies.- Secure video conferencing and online collaboration.- If you must work from home, do it securely!.- Security Controls for Remote Access Technologies.- Specialty Malware and backdoors for VDI.- The Future State of Data Security.- Cybersecurity enabled by Zero Trust.- Advanced Active Directory attacks and Prevention.- Cyber Deception Systems.- Hypervisor Introspection.- Bitcoin is a decade old, and so are the threats to the various blockchain ecosystems.- The advanced malware prevention playbook.- The 768K Precipice.- MAC Address Randomization to limit user/device tracking.- Transport Layer Security 1.3.- The use of ESNI with TLS 1.3, is it a boon to privacy?Or does it raise security concerns.- Using FQDN vs IP addresses in FW rules and app configs.- Network Time Protocol (NTP) Security.- Domain Name System (DNS) Security.- Next Gen Wi-Fi and Security.- The next frontier for CA/Certificate security - DANE and Certificate Transparency.- Man-in-the-middle Attack Prevention.- Distributed Denial of Service (DDoS) Prevention.- Intro to API Security - Issues and Some Solutions!.- Windows subsystem for Linux - security risk and mitigation.- Common sense security measures for voice activated assistant devices.- The case for code signing and dynamic white-listing.- Biometrics - Commentary on data breach notification, threats, and data security.- Security requirements for RPA Bots.- Polymorphic and Metamorphic Malware.- Introduction to Cloud Monitoring Security Controls.- Cloud Monitoring Security Controls for AWS.- Cloud Monitoring Security Controls for Azure.- Cloud Policy Enforcement Point.- Dynamic measurement of cyber risk.- OEM and third-party sourced application and services risk.- Commentary on Insider Threat.- Simplified approach to calculate the probability of a cyber event.- Privacy concerns from publicly available meta-data.- Dark Web & Dark Net.- Risk-Based Vulnerability Management.
"Raj Badhwar has written an interesting book meant to help those tasked with information security. ... This is a comprehensive book covering a wide range of topics. For the CISO or security professional looking to get a deeper understanding of the topics their security teams will have to deal with, The CISO's Next Frontier does a good job of helping senior information security professionals understand what their teams in the trenches face." (Ben Rothke, Security Management, sm.asisonline.org, August 23, 2022)
“Raj Badhwar has written an interesting book meant to help those tasked with information security. … This is a comprehensive book covering a wide range of topics. For the CISO or security professional looking to get a deeper understanding of the topics their security teams will have to deal with, The CISO’s Next Frontier does a good job of helping senior information security professionals understand what their teams in the trenches face.” (Ben Rothke, Security Management, sm.asisonline.org, August 23, 2022)
Erscheinungsdatum | 09.08.2022 |
---|---|
Zusatzinfo | XLIII, 387 p. 14 illus., 11 illus. in color. |
Verlagsort | Cham |
Sprache | englisch |
Maße | 155 x 235 mm |
Gewicht | 658 g |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Informatik ► Theorie / Studium ► Künstliche Intelligenz / Robotik | |
Schlagworte | API security • Blockchain • CISO • Cloud Security • cryptography • cyber deception systems • cybersecurity • Data Security • Encryption • IoT/OT security • Network Security • quantum encryption • Zero Trust |
ISBN-10 | 3-030-75356-5 / 3030753565 |
ISBN-13 | 978-3-030-75356-6 / 9783030753566 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich