Cybersecurity First Principles: A Reboot of Strategy and Tactics
- Length: 400 pages
- Edition: 1
- Language: English
- Publisher: Wiley
- Publication Date: 2023-04-25
- ISBN-10: 1394173083
- ISBN-13: 9781394173082
- Sales Rank: #528419
The first expert discussion of the foundations of cybersecurity
In Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior Fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles. The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.
In the book, you'll explore:
- Infosec history from the 1960s until the early 2020s and why it has largely failed
- What the infosec community should be trying to achieve instead
- The arguments for the absolute and atomic cybersecurity first principle
- The strategies and tactics to adopt that will have the greatest impact in pursuing the ultimate first principle
- Case studies through a first principle lens of the 2015 OPM hack, the 2016 DNC hack, the 2019 Colonial Pipeline hack, and the Netflix Chaos Monkey resilience program
- A top-to-bottom explanation of how to calculate cyber risk for two different kinds of companies
This book is perfect for cybersecurity professionals at all levels: business executives and senior security professionals, mid-level practitioner veterans, newbies coming out of school as well as career-changers seeking better career opportunities, teachers, and students.
Table of Contents
- Cover
- Title Page
- Copyright Page
- About the Author
- About the Technical Editors
- Acknowledgments
- Contents
- Who We Are
- Foreword
- Introduction
  - Who Is This Book For?
  - What the Book Covers
  - Writing Conventions
    - Cybersecurity
    - Cybersecurity Professionals
    - Organizations
    - The Cybersecurity Canon Project
    - Rick's War Stories
  - Book Website
  - Road Map
- Chapter 1: First Principles
  - Overview
  - What Are First Principles?
  - Prior Research on Cybersecurity First Principles
  - What Is the Atomic Cybersecurity First Principle?
  - Is CIA an Absolute First Principle?
  - Is Patching an Absolute First Principle?
  - Is Preventing Malware an Absolute First Principle?
  - Is Incident Response an Absolute First Principle?
  - Is Adherence to Security Frameworks an Absolute First Principle?
  - Is Adherence to Compliance Regulations an Absolute First Principle?
  - The Atomic Cybersecurity First Principle
  - Conclusion
- Chapter 2: Strategies
  - Overview
  - Strategies vs. Tactics
  - What Are the Essential Strategies Required for a First Principle Infosec Program?
  - Zero Trust Strategy Overview
  - Intrusion Kill Chain Prevention Strategy Overview
  - Resilience Strategy Overview
  - Risk Forecasting Strategy Overview
  - Automation Strategy Overview
  - Conclusion
- Chapter 3: Zero Trust
  - Overview
  - The Use Case for Zero Trust: Edward Snowden
  - Zero Trust: Overhyped in the Market but...
  - Cyber Hygiene, Defense in Depth, and Perimeter Defense: Zero Trust Before We Had Zero Trust
  - Zero Trust Is Born
  - Zero Trust Is a Philosophy, Not a Product
  - Meat-and-Potatoes Zero Trust
  - Logical and Micro Segmentation
  - Vulnerability Management: A Zero Trust Tactic
  - Vulnerability Management as an Intelligence Task
  - Software Bill of Materials: A Zero Trust Tactic
    - Automobile Manufacturing Is Similar to DevOps
    - Commercial Code Is Open-Source Code
    - Software Supply Chain and Cybersecurity First Principles
    - Pertinent SBOM Standards
    - Presidential Directive
    - Three Tools for Supply-Chain Risk Reduction
    - A Bright Future for SBOMs
  - Identity Management: A Tactic for Zero Trust
    - IAM: IGA and PIM and PAM, Oh My!
  - Single Sign-On: A Zero Trust Tactic
    - OAuth Process
    - SAML Process
  - Two-Factor Authentication: A Tactic for Zero Trust
    - Types of Two-Factor Authentication
    - SMS Verification
    - Email Verification
    - Authenticator Soft Tokens (Like Google Authenticator, ID.me, Blizzard's Battlenet, and LastPass)
    - Push Authentication (from Google, Apple, Microsoft, and Twitter)
    - Universal 2nd Factor Authentication
    - How Secure Is Two-Factor Authentication?
    - The Future of Two-Factor Authentication
  - Software-Defined Perimeter: A Tactic for Zero Trust
    - Software-Defined Perimeter Becomes a New Model
  - Why Zero Trust Projects Fail
  - Conclusion
- Chapter 4: Intrusion Kill Chain Prevention
  - Overview
  - The Beginnings of a New Idea
  - The Lockheed Martin Kill Chain Paper
  - The Kill Chain Model
  - Adversary Motivations: Cyber Warfare Morphing Into Low-Level Cyber Conflict
  - The Lockheed Martin Cyber Kill Chain Is Great, but...
  - Kill Chain Models
    - The MITRE ATT&CK Framework
    - The Department of Defense's Diamond Model
    - Some Thoughts About Attribution
    - How Many Active Adversary Playbooks Are There?
    - The Adversary Intelligence Trifecta: Kill Chain, ATT&CK, and Diamond
  - Security Operations Centers: A Tactic for Intrusion Kill Chain Prevention
  - Orchestrating the Security Stack: An Intrusion Kill Chain Prevention Tactic
  - Cyber Threat Intelligence: A Tactic for All First Principles Strategies but Primarily for Intrusion Kill Chain Prevention
    - Cyber Threat Intelligence Operations As a Journey
  - Red/Blue/Purple Team Operations: A Tactic for Intrusion Kill Chain Prevention
  - Intelligence Sharing: A Tactic for Intrusion Kill Chain Prevention
  - Conclusion
- Chapter 5: Resilience
  - Overview
  - What Is Resilience?
  - Resilience Examples
  - IT Resilience and Infosec Resilience
  - Resilience vs. Resiliency Planning
  - Herding the Cats: Responsibility Assignment Matrices
  - How to Think About Resilience
  - Crisis Handling: A Tactic for Resilience
    - RSA Security: A Case Study in Crisis Communications
    - Equifax: A Case Study in Crisis Communications
    - Desired Outcomes
    - Executives Are Busy: Exercise Them Efficiently
  - Backups: A Tactic for Resilience
    - Backups As a Strategy Against Ransomware
    - Option 1: Centralized Backup Platforms for All Data Islands
    - Option 2: One-Off Decentralized Backup Systems
    - Option 3: DevOps (DevSecOps) for Each Application
    - How Do You Get to Carnegie Hall? Practice
  - Encryption: A Tactic for Resilience
    - Data at Rest and Data in Motion
    - The First Principle Encryption Tactic Is Recursive
  - Incident Response: A Tactic for Resilience
    - The NIST Guides on Cybersecurity and Incident Response
    - The Technical Side of Incident Response
  - Conclusion
- Chapter 6: Risk Forecasting
  - Overview
  - Superforecasting, Fermi Estimates, and Black Swans
    - Superforecaster Superpowers
    - People Don't Think in Terms of Probabilities but Should
    - Is Osama Bin Laden in the Bunker?
    - Fermi Estimates Are Good Enough
    - Black Swans and Resilience
    - Changing My Mind
  - Bayes Rule: A Different Way to Think About Cybersecurity Risk
    - Bayes' Theorem
    - Using Bayes to Defeat the Germans in WWII
    - Consider the Bayes Rule for Cybersecurity Risk Forecasting
  - Risk Forecasting with the Bayes Rule: A Practical Example
    - But Wait, What About Me? How Do You Incorporate This New Data?
    - An Inside-Out Analysis: The First Principles
    - An Inside-Out Analysis: The Contoso Corporation
    - For the Contoso General View of the Business
    - For the Contoso Technical Architecture
    - For the Contoso Zero Trust Deployment
    - For the Contoso Resilience Deployment
    - For the Contoso Intrusion Kill Chain Deployment
    - An Inside-Out Analysis: First Principle Strategies
    - What Now? Are We Within the Risk Tolerance of the Business?
  - Conclusion
- Chapter 7: Automation
  - Overview
  - Why Security Automation Is Essential
    - Early History of Software Development Philosophies
    - Agile Becomes the Challenger
    - When Do We Start Thinking About Security?
    - Coding the Infrastructure
  - DevSecOps: An Essential Tactic for Automation
    - What Happened to Security?
    - DevSecOps on Track
    - DevSecOps As a First Principle Strategy
    - Final Thoughts About Automation As a Strategy
  - Compliance: A First Principle Tactic That Cuts Across All Strategies
    - Compliance Industry
    - Two Compliance Categories: Ticket to Ride, Penalties, and Fines
    - The Probability of Material Impact Due to Noncompliance
    - Is Compliance a First Principle Tactic?
  - Chaos Engineering for Automation and Resilience
    - History of Chaos Engineering
    - What Does Chaos Engineering Have to Do with Automation and Resilience?
  - Conclusion
- Chapter 8: Summation
  - Overview
  - Zero Trust
  - Intrusion Kill Chain Prevention
  - Resilience
  - Risk Forecasting
  - Automation
  - Conclusion
- Index
- EULA