8 Steps to Better Security
A Simple Cyber Resilience Guide for Business
(Language: English)
Harden your business against internal and external cybersecurity threats with a single accessible resource.
In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a...
Book (paperback)
29.00 €
Product details
Product information for "8 Steps to Better Security"
Blurb for "8 Steps to Better Security"
Harden your business against internal and external cybersecurity threats with a single accessible resource.
In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps.
Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:
* Foster a strong security culture that extends from the custodial team to the C-suite
* Build an effective security team, regardless of the size or nature of your business
* Comply with regulatory requirements, including general data privacy rules and industry-specific legislation
* Test your cybersecurity, including third-party penetration testing and internal red team specialists
Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.
Table of contents for "8 Steps to Better Security"
Foreword xi
Introduction xiii
Chapter 1: Step 1: Foster a Strong Security Culture 1
Kevin Mitnick, Human Hacker Extraordinaire 3
The Importance of a Strong Security Culture 5
Hackers Are the Bad Guys, Right? 6
What is Security Culture? 7
How to Foster a Strong Security Culture 9
Security Leaders on Security Culture 12
What Makes a Good CISO? 13
The Biggest Mistakes Businesses Make When It Comes to Cybersecurity 14
The Psychological Phases of a Cybersecurity Professional 15
Chapter 2: Step 2: Build a Security Team 19
Why Step 2 is Controversial 20
How to Hire the Right Security Team. . .the Right Way 28
Security Team Tips from Security Leaders 29
The "Culture Fit"--Yuck! 30
Cybersecurity Budgets 34
Design Your Perfect Security Team 35
Chapter 3: Step 3: Regulatory Compliance 39
What Are Data Breaches, and Why Are They Bad? 40
The Scary Truth Found in Data Breach Research 45
An Introduction to Common Data Privacy Regulations 49
The General Data Protection Regulation 49
The California Consumer Privacy Act 50
The Health Insurance Portability and Accountability Act 52
The Gramm-Leach-Bliley Act 52
Payment Card Industry Data Security Standard 53
Governance, Risk Management, and Compliance 53
More About Risk Management 54
Threat Modeling 55
Chapter 4: Step 4: Frequent Security Testing 57
What is Security Testing? 58
Security Testing Types 58
Security Audits 58
Vulnerability Assessments Versus Penetration Testing 59
Red Team Testing 61
Bug Bounty Programs 61
What's Security Maturity? 63
The Basics of Security Audits and Vulnerability Assessments 64
Log Early, Log Often 66
Prepare for Vulnerability Assessments and Security Audits 67
A Concise Guide to Penetration Testing 69
Penetration Testing Based on Network Knowledge 70
Penetration Testing Based on Network Aspects 73
Security Leaders on Security Maturity 76
Security Testing is Crucial 78
Chapter 5: Step 5: Security Framework Application 79
What is Incident Response? 80
Preparation 80
Identification or Analysis 82
Containment, Mitigation, or Eradication 83
Recovery 84
Post-incident 86
Your Computer Security Incident Response Team 86
Cybersecurity Frameworks 89
NIST Cybersecurity Framework 89
Identify 90
Protect 92
Detect 95
Respond 97
Recover 99
ISO 27000 Cybersecurity Frameworks 101
CIS Controls 102
COBIT Cybersecurity Framework 105
Security Frameworks and Cloud Security 106
Chapter 6: Step 6: Control Your Data Assets 109
The CIA Triad 110
Access Control 112
Patch Management 113
Physical Security and Your Data 115
Malware 116
Cryptography Basics 119
Bring Your Own Device and Working from Home 123
Data Loss Prevention 124
Managed Service Providers 126
The Dark Web and Your Data 128
Security Leaders on Cyber Defense 130
Control Your Data 132
Chapter 7: Step 7: Understand the Human Factor 133
Social Engineering 134
Phishing 139
What Can NFTs and ABA Teach Us About Social Engineering? 141
How to Prevent Social Engineering Attack
Author portrait of Kim Crawley
KIM CRAWLEY focuses on researching and writing about cybersecurity issues. Her career has included work with Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. She specializes in all matters red team, blue team, and purple team and is especially fascinated by malware, social engineering, and advanced persistent threats. She runs an online cybersecurity event called DisInfoSec.
Bibliographic details
- Author: Kim Crawley
- 2021, 1st edition, 224 pages, dimensions: 14.9 x 22.5 cm, paperback, English
- Publisher: Wiley & Sons
- ISBN-10: 1119811236
- ISBN-13: 9781119811237
- Publication date: 05.10.2021
Language: English