Cybersecurity Threats, Malware Trends, and Strategies: Discover risk mitigation strategies for modern threats to your organization, 2nd Edition
- Length: 584 pages
- Edition: 2
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2023-01-25
- ISBN-10: 1804613673
- ISBN-13: 9781804613672
Implement effective cybersecurity strategies to help you and your security team protect, detect, and respond to modern-day threats
Purchase of the print or Kindle book includes a free eBook in PDF format.
Key Features
- Protect your organization from cybersecurity threats with field-tested strategies
- Understand threats such as exploits, malware, internet-based threats, and governments
- Measure the effectiveness of your organization’s current cybersecurity program against modern attackers’ tactics
Book Description
Tim Rains is Microsoft’s former Global Chief Security Advisor and Amazon Web Services’ former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations all over the world on cybersecurity strategies.
Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition, which has helped so many aspiring CISOs and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you’ll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You’ll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud.
By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization’s cybersecurity strategy.
What you will learn
- Discover enterprise cybersecurity strategies and the ingredients critical to their success
- Improve vulnerability management by reducing risks and costs for your organization
- Mitigate internet-based threats such as drive-by download attacks and malware distribution sites
- Learn the roles that governments play in cybersecurity and how to mitigate government access to data
- Weigh the pros and cons of popular cybersecurity strategies such as Zero Trust, the Intrusion Kill Chain, and others
- Implement and then measure the outcome of a cybersecurity strategy
- Discover how the cloud can provide better security and compliance capabilities than on-premises IT environments
Who this book is for
This book is for anyone who is looking to implement or improve their organization’s cybersecurity strategy. This includes Chief Information Security Officers (CISOs), Chief Security Officers (CSOs), compliance and audit professionals, security architects, and cybersecurity professionals. Basic knowledge of Information Technology (IT), software development principles, and cybersecurity concepts is assumed.
Table of Contents
- Preface: Who this book is for; What this book covers; To get the most out of this book; Get in touch; Share your thoughts
- Introduction: Different types of CISOs: “The CISO Spectrum”; How organizations get initially compromised and the cybersecurity fundamentals; Unpatched vulnerabilities; Security misconfigurations; Weak, leaked, and stolen credentials; Social engineering; Insider threats; Focus on the cybersecurity fundamentals; Understanding the difference between attackers’ motivations and tactics; Summary; References
- What to Know about Threat Intelligence: What is threat intelligence?; Where does CTI data come from?; Using threat intelligence; The key to using threat intelligence; Threat intelligence sharing; CTI sharing protocols; Traffic Light Protocol; STIX and TAXII; Reasons not to share CTI; How to identify credible cyber threat intelligence; Data sources; Time periods; Recognizing hype; Predictions about the future; Vendors’ motives; Summary; References
- Using Vulnerability Trends to Reduce Risk and Costs: Introduction; Vulnerability Management Primer; Vulnerability Disclosure Data Sources; Industry Vulnerability Disclosure Trends; Vendor and Product Vulnerability Trends; Reducing Risk and Costs – Measuring Vendor and Product Improvement; Microsoft Vulnerability Trends; Oracle Vulnerability Trends; Google Vulnerability Trends; Debian Vulnerability Trends; Apple Vulnerability Trends; Vendor Vulnerability Trend Summary; Operating System Vulnerability Trends; Google Android Vulnerability Trends; Apple iOS Vulnerability Trends; Mobile Operating System Summary; Microsoft Windows 10 Vulnerability Trends; Apple macOS Vulnerability Trends; Desktop Operating System Summary; Ubuntu Linux Vulnerability Trends; Linux Kernel Vulnerability Trends; Microsoft Windows Server 2016 Vulnerability Trends; Server Operating System Summary; Web Browser Vulnerability Trends; Apple Safari Vulnerability Trends; Google Chrome Vulnerability Trends; Web Browser Summary; Vulnerability Improvement Framework Summary; Vulnerability Management Guidance; Summary; References
- The Evolution of Malware: Introduction; Why is there so much malware on Windows compared to other platforms?; Data sources; The Malicious Software Removal Tool; Real-time anti-malware tools; Non-security data sources; About malware; How malware infections spread; Trojans; Potentially unwanted software; Exploits and exploit kits; Worms; Ransomware; Viruses; Browser modifiers; Measuring malware prevalence; Global Windows malware infection analysis; Regional Windows malware infection analysis; The threat landscape in the Middle East and Northern Africa; 10-year regional report card for the Middle East and Northern Africa; The threat landscape in the European Union and Eastern Europe; 10-year regional report card for the European Union; 10-year regional report card for select Eastern European locations; The threat landscape in select locations in Asia and Oceania; 10-year regional report card for Asia and Oceania; The threat landscape in select locations in the Americas; 10-year regional report card for the Americas; Regional Windows malware infection analysis conclusions; What does this all mean for CISOs and enterprise security teams?; Global malware evolution; Global malware evolution conclusions; The evolution of ransomware; Delivery mechanisms; Execution mechanisms; Ransom payment methods; Ransom demands and communications; Business model; The great debate – are anti-malware solutions really worthwhile?; Summary; References
- Internet-Based Threats: Introduction; A typical attack; Phishing attacks; Mitigating phishing; Drive-by download attacks; Mitigating drive-by download attacks; Malware-hosting sites; Mitigating malware distribution; Post compromise – botnets and DDoS attacks; Summary; References
- The Roles Governments Play in Cybersecurity: The pursuit of happiness; Governments as cybersecurity market participants; Governments as standards bodies; Governments as enforcers; Regulators; Law enforcement; Governments as defenders; Public safety; National security; Military; Summary; References
- Government Access to Data: Understanding government access to data; The signals intelligence scenario; The unlawful government access to data scenario; The lawful government access to data scenario; Lawful government access to data; The CLOUD Act and the PATRIOT Act; Managing the risk of government access to data; The volume of law enforcement requests; The probability of US law enforcement accessing data in the cloud; The GDPR, FISA Section 702, and Schrems II; The probability of US intelligence accessing data in the cloud; Mitigating government access to data; Setting and understanding the scope; Setting realistic objectives; Planning data protection controls; Conclusion; Summary; References
- Ingredients for a Successful Cybersecurity Strategy: What is a cybersecurity strategy?; Other ingredients for a successful strategy; Business objective alignment; Cybersecurity vision, mission, and imperatives; Senior executive and board support; Understand the risk appetite; Realistic view of current cybersecurity capabilities and technical talent; Compliance program and control framework alignment; An effective relationship between cybersecurity and IT; Security culture; Summary; References
- Cybersecurity Strategies: Introduction; Measuring the efficacy of cybersecurity strategies; Cybersecurity strategies; Protect and Recover Strategy (CFSS score; summary); Endpoint Protection Strategy (CFSS score; summary); Physical Control and Security Clearances as a security strategy (CFSS score; summary); Compliance as a Security Strategy (CFSS score; summary); Application-Centric Strategy (CFSS score; summary); Identity-Centric Strategy (CFSS score; summary); Data-Centric Strategy (CFSS score; summary); Attack-Centric Strategy (CFSS score; summary); Zero Trust (CFSS score); Cybersecurity strategies summary; DevOps and DevSecOps; Summary; References
- Strategy Implementation: Introduction; What is an Intrusion Kill Chain?; Modernizing the Kill Chain; Mapping the Cybersecurity Usual Suspects; Updating the matrix; Intrusion Kill Chain or ATT&CK?; Getting started; Maturity of current cybersecurity capabilities; Pervasiveness of current cybersecurity capabilities; Who consumes the data?; Cybersecurity license renewals; Implementing this strategy; Rationalizing the matrix – gaps, under-investments, and over-investments; Identifying gaps; Identifying areas of under-investment; Identifying areas of over-investment; Planning your implementation; Designing control sets; Attack phase – Reconnaissance I (example controls; insights from ATT&CK); Attack phase – Delivery (example controls; insights from ATT&CK); Attack phase – Exploitation (example controls; insights from ATT&CK); Attack phase – Installation (example controls; insights from ATT&CK); Attack phase – Command and Control (C2) (example controls; insights from ATT&CK); Attack phase – Reconnaissance II (example controls; insights from ATT&CK); Attack phase – Actions on Objectives (example controls; insights from ATT&CK); Conclusion; Summary; References
- Measuring Performance and Effectiveness: Introduction; Using vulnerability management data; Assets under management versus total assets; Known unpatched vulnerabilities; Unpatched vulnerabilities by severity; Vulnerabilities by product type; Measuring the performance and efficacy of an Attack-Centric Strategy; Performing intrusion reconstructions; Using intrusion reconstruction results; Identifying lame controls; Learning from failure; Identifying helpful vendors; Informing internal assessments; Adversary emulations leveraging ATT&CK; Summary; References
- Modern Approaches to Security and Compliance: Introduction; How is cloud computing different?; Cloud Service Providers versus Managed Service Providers; Migrating to the cloud; Cybersecurity assessment questionnaires; Security and compliance game changers; The power of APIs; The advantages of automation; Mitigating insider threat and social engineering; Mitigating unpatched vulnerabilities; Mitigating security misconfigurations; Mitigating weak, leaked, and stolen credentials; Security and compliance game changers – summary; Using cybersecurity strategies in the cloud; Using the Protect and Recover Strategy in the cloud; Compliance as a Cybersecurity Strategy in the cloud; Using the Attack-Centric Strategy in the cloud; DevOps – a modern approach to security in the cloud; Disaster Recovery in the cloud; Encryption and key management; Conclusion; Summary; References
- Other Books You May Enjoy
- Index
How to download the source code
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search for the book title: Cybersecurity Threats, Malware Trends, and Strategies: Discover risk mitigation strategies for modern threats to your organization, 2nd Edition. If the full title returns no results, search for the main title only.
3. Click the book title in the search results.
4. Click Code to download.