Cybersecurity First Principles (eBook)
400 pages
John Wiley & Sons (publisher)
978-1-394-17309-9 (ISBN)
In Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior Fellow at The CyberWire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles. The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.
In the book, you'll explore:
* Infosec history from the 1960s until the early 2020s and why it has largely failed
* What the infosec community should be trying to achieve instead
* The arguments for the absolute and atomic cybersecurity first principle
* The strategies and tactics to adopt that will have the greatest impact in pursuing the ultimate first principle
* Case studies through a first principle lens of the 2015 OPM hack, the 2016 DNC hack, the 2019 Colonial Pipeline hack, and the Netflix Chaos Monkey resilience program
* A top-to-bottom explanation of how to calculate cyber risk for two different kinds of companies
This book is perfect for cybersecurity professionals at all levels: business executives and senior security professionals, mid-level practitioner veterans, newbies coming out of school as well as career-changers seeking better career opportunities, teachers, and students.
RICK HOWARD is the Chief Analyst and Senior Fellow at The CyberWire, the world's largest cybersecurity podcast network, and the CSO of N2K (The CyberWire's parent company). He has been CSO for Palo Alto Networks and TASC, and is a former Commander of the U.S. Army's Computer Emergency Response Team. He helped found the Cyber Threat Alliance (an ISAO for security vendors) and the Cybersecurity Canon Project (a Rock & Roll Hall of Fame for cybersecurity books).
Who We Are
Introduction
Who Is This Book For?
What the Book Covers
Writing Conventions
Road Map
1 First Principles
Overview
What Are First Principles?
What Is the Atomic Cybersecurity First Principle?
Conclusion
2 Strategies
Overview
Strategies vs. Tactics
What Are the Essential Strategies Required for a First Principle Infosec Program?
Zero Trust Strategy Overview
Intrusion Kill Chain Prevention Strategy Overview
Resilience Strategy Overview
Risk Forecasting Strategy Overview
Automation Strategy Overview
Conclusion
3 Zero Trust
Overview
The Use Case for Zero Trust: Edward Snowden
Zero Trust: Overhyped in the Market but.
Cyber Hygiene, Defense in Depth, and Perimeter Defense: Zero Trust Before We Had Zero Trust
Zero Trust Is Born
Zero Trust Is a Philosophy, Not a Product
Meat-and-Potatoes Zero Trust
Logical and Micro Segmentation
Vulnerability Management: A Zero Trust Tactic
Software Bill of Materials: A Zero Trust Tactic
Identity Management: A Tactic for Zero Trust
Single Sign-On: A Zero Trust Tactic
Two-Factor Authentication: A Tactic for Zero Trust
Software-Defined Perimeter: A Tactic for Zero Trust
Why Zero Trust Projects Fail
Conclusion
4 Intrusion Kill Chain Prevention
Overview
The Beginnings of a New Idea
The Lockheed Martin Kill Chain Paper
Kill Chain Models
Cyber Threat Intelligence Operations as a Journey
Red/Blue/Purple Team Operations: A Tactic for Intrusion Kill Chain Prevention
Intelligence Sharing: A Tactic for Intrusion Kill Chain Prevention
Conclusion
5 Resilience
Overview
What Is Resilience?
Crisis Handling: A Tactic for Resilience
Backups: A Tactic for Resilience
Encryption: A Tactic for Resilience
Incident Response: A Tactic for Resilience
Conclusion
6 Risk Forecasting
Overview
Superforecasting, Fermi Estimates, and Black Swans
Bayes Rule: A Different Way to Think About Cybersecurity Risk
Risk Forecasting with the Bayes Rule: A Practical Example
Conclusion
7 Automation
Overview
Why Security Automation Is Essential
Early History of Software Development Philosophies
DevSecOps: An Essential Tactic for Automation
Compliance: A First Principle Tactic That Cuts Across All Strategies
Chaos Engineering for Automation and Resilience
Conclusion
8 Summation
Overview
Zero Trust
Conclusion
Index
Publication date (per publisher) | 19.4.2023 |
---|---|
Language | English |
Subject area | Mathematics / Computer Science ► Computer Science ► Theory / Studies |
Keywords | Computer Science • Computer Security & Cryptography • Computer Security • cybersecurity |
ISBN-10 | 1-394-17309-1 / 1394173091 |
ISBN-13 | 978-1-394-17309-9 / 9781394173099 |
Size: 7.3 MB
Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.
File format: EPUB (Electronic Publication)
EPUB is an open standard for eBooks and is particularly well suited to fiction and non-fiction. The body text adapts dynamically to the display and font size, so EPUB also works well on mobile reading devices.
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need a