Modern Cybersecurity Strategies for Enterprises: Protect and Secure Your Enterprise Networks, Digital Business Assets, and Endpoint Security with Tested and Proven Methods
- Length: 564 pages
- Edition: 1
- Language: English
- Publisher: BPB Publications
- Publication Date: 2022-08-29
- ISBN-10: 9355513135
- ISBN-13: 9789355513137
- Sales Rank: #1012673
Security is a shared responsibility, and we must all own it
Key Features
- Expert-led instructions on the pillars of a secure corporate infrastructure and identifying critical components.
- Provides Cybersecurity strategy templates, best practices, and recommendations presented with diagrams.
- Adopts a perspective of developing a Cybersecurity strategy that aligns with business goals.
Description
Once a business is connected to the Internet, it is exposed to cyberattacks and threats. These threats now take several forms, including Phishing, Trojans, Botnets, Ransomware, Distributed Denial of Service (DDoS), Wiper Attacks, Intellectual Property theft, and others.
This book will help and guide the readers through the process of creating and integrating a secure cyber ecosystem into their digital business operations. In addition, it will help readers safeguard and defend the IT security infrastructure by implementing the numerous tried-and-tested procedures outlined in this book.
The tactics covered in this book provide a moderate introduction to defensive and offensive strategies, and they are supported by recent and popular use-cases on cyberattacks. The book provides a well-illustrated introduction to a set of methods for protecting the system from vulnerabilities and expert-led measures for initiating various urgent steps after an attack has been detected.
What you will learn
- Adopt MITRE ATT&CK and MITRE framework and examine NIST, ITIL, and ISMS recommendations.
- Understand all forms of vulnerabilities, application security mechanisms, and deployment strategies.
- Know-how of Cloud Security Posture Management (CSPM), Threat Intelligence, and modern SIEM systems.
- Learn security gap analysis, Cybersecurity planning, and strategy monitoring.
Who this book is for
Professionals in IT security, Cybersecurity, and other related fields working to improve the organization’s overall security will find this book a valuable resource and companion.
This book will guide young professionals who are planning to enter Cybersecurity with the right set of skills and knowledge.
Table of Contents
- Cover Page
- Title Page
- Copyright Page
- Dedication Page
- About the Author
- About the Reviewers
- Acknowledgement
- Preface
- Errata
- Table of Contents

Section - I: Overview and Need for Cybersecurity

1. Overview of Information Security and Cybersecurity
- Structure
- Objectives
- Information security principles
- Confidentiality
- Integrity
- Availability
- Additional/supporting principles
- Information security policies
- Need for an information security policy
- Building block of information security policy
- Cybersecurity - overview
- Definition of cybersecurity
- Difference between information security and cybersecurity
- Common threats in the market
- What is a cybersecurity threat?
- Types of cybersecurity threats
- Sources behind these Threat umbrellas
- Importance of cybersecurity
- Impact of cybercrime
- Facts and figures to understand the seriousness of cybersecurity
- Need of the hour and problem statement
- Few examples to justify the need of the hour
- Problem statement
- Cybersecurity strategy and its importance
- Common cybersecurity myths
- Strategy components
- Risk assessment
- Technologies’ adoption
- Conclusion
- Questions

2. Aligning Security With Business Objectives and Defining CISO Role
- Structure
- Objectives
- Today’s challenges for the CISO
- Aligning security with business objectives
- Learn the game ~ know your business
- Break the ice - Partner with executives and Board members
- Learn to speak “business language”
- Money speaks ~ Align security with profit
- Future security leaders
- Technology
- Process
- People
- Return on Investment (RoI) in cybersecurity
- Business outlook
- Definition and formula
- Role understanding for the modern security leaders
- CISO responsibilities
- Effective communication - from CISO to business
- Budget justification & review meeting
- Cybersecurity roadmap
- Conclusion
- Questions

Section - II: Building Blocks for a Secured Ecosystem and Identification of Critical Components

3. Next-generation Perimeter Solutions
- Structure
- Objectives
- Overview and concept understanding
- Perimeter network
- What is a perimeter firewall?
- Next-generation firewall (NGFW) solution - the first line of defense to your realm
- Need to have a strong and robust perimeter security solution
- Importance of next-generation firewall
- The benefit of having a next-generation perimeter security solution
- Critical components of Next-generation Perimeter solution
- Deep packet inspection (DPI)
- Working principle and inspection technique
- Challenges that you may face while onboarding the DPI
- The use case for DPI
- Web Proxy and Secure web gateway (SWG)
- Definition
- Secure web gateway (SWG)
- Web Application Firewall (WAF)
- Understanding the difference between WAF and Perimeter firewall
- Application traffic vs. network traffic
- Need to have a WAF
- WAF implementation types
- VPN solutions
- Business and technical need for a VPN solution
- Types of VPN
- Functionality that should be included in your VPN solution
- Zero-day attack protection
- Definition and quick understanding
- What to look for in a zero-day security solution?
- Deployment options
- Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
- Need to have an IDS/IPS for your network/business challenge
- Deploying criteria for IDS and IPS
- DoS and DDoS protection
- Types of DoS and DDoS attack
- DNS security
- DNS attack types
- Mitigation plan or recommendation
- Onboarding, adoption, and maturity path
- Onboarding and adoption of technology
- Maturity path
- Leading players in this domain
- Next-generation firewall (NGFW)
- Web Security solutions
- Intrusion detection system (IDS) and Intrusion prevention system (IPS)
- Conclusion
- Questions

4. Next-generation Endpoint Security
- Structure
- Objectives
- Overview and concept understanding
- Defining endpoint and endpoint security
- Scope understanding
- What is considered an endpoint?
- Endpoint protection types and modules
- Need and importance of endpoint security
- Analyzing your requirements
- Requirement to become next-generation endpoint security
- Traditional solution vs. modern technologies
- Endpoint protection platforms (EPP) vs. traditional antivirus solutions
- Future-ready landscape and recommendations
- Guidelines to choose the right solution for your business
- Deployment guide and decision criteria
- Evaluating and reviewing solutions
- To evaluate and measure the “enhanced performance” improvement
- To evaluate and measure the “time-to-value”
- Other considerations
- Industry reports
- Proof of Concept (POC)
- Maturity path for endpoint security
- Maturity level
- Leading players in this domain
- Conclusion

5. Security Incident Response (IR) Methodology
- Structure
- Objectives
- Overview and concept understanding
- Definition
- Basic principles
- Types of security incidents
- Importance and key considerations while developing IR plan
- Key considerations for IR planning
- Industry Standard Incident Response frameworks
- SANS IR methodology
- Building an IR team
- Creating an IR plan
- Building blocks of IRP
- How to use IR tools, when to use them, and why?
- Problem-solving approach
- Adoption of the MITRE ATT&CK framework
- Adversarial tactics
- Techniques
- Common knowledge
- Appropriate placeholders for MITRE ATT&CK
- ATT&CK metrics
- Tools and resources for the MITRE ATT&CK framework
- Security incident - handling
- Sources of Indicators and Precursors
- Incident notification
- Containment strategy selection
- Obtaining and managing evidence
- Identification of the attack hosts
- Eradication and recovery
- Post-incident activity
- Incident handling checklist and recommendations
- Recommendations
- Best practices while handling IR
- Conclusion
- Questions

6. Cloud Security and Identity Management
- Structure
- Objectives
- Overview and concept understanding
- Working model
- Shared responsibility in cloud
- Responsibility of cloud service provider (CSP)
- Client’s responsibility
- Cyber hygiene and importance
- Importance of adopting cyber hygiene
- Challenges while implementing hygiene
- Cloud security architecture (CSA)
- Need to have a CSA
- CSA model for different types of cloud
- Cloud security framework (CSF)
- Cloud security principles
- Selection of CSF
- Adopting NIST into cloud security
- Leading frameworks for cloud
- Common compliance
- Cloud well-architected framework
- Building blocks of a cloud security architecture and compliance framework
- Compliance and visibility
- Secure computing
- Protection at the Network layer
- Cloud governance
- Change control management
- Monitoring and reporting
- Maturity model for cloud security
- Best practices for cloud security
- Overview of Identity and Access Management (IAM)
- Importance and business benefits of IAM
- The importance of PAM in your organization
- Technologies under IAM
- Component under IAM
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Privileged Access Control (PAM)
- Building blocks for IAM solution implementation
- Data
- Simplification of a rigid and inefficient process
- Picking the right tool
- Building blocks for PAM solution and key considerations
- Transformation to cloud based IAM solution
- Critical consideration while implementing IAM in cloud
- Strategy for IAM adoption
- Best practices while deploying IAM and its components
- RBAC
- PAM
- Recommended solution and OEMs for IAM
- Conclusion
- Questions

7. Vulnerability Management and Application Security
- Structure
- Objectives
- Overview and concept understanding
- Vulnerability management lifecycle
- Vulnerability management process
- Identification of vulnerabilities
- Validation of vulnerability
- Vulnerability treatment
- Vulnerabilities reporting
- Risk-based vulnerability management
- Increasing cyber-resilience
- Static Application Security Testing (SAST)
- Implementation strategy and guidelines
- Benefits of next-generation SAST solutions
- Dynamic Application Security Testing (DAST)
- Working principle
- Pros and cons of DAST
- Avoiding common mistakes
- Penetration testing
- Measure effectiveness through pen test
- Different stages in a pen test
- Frequency at which to run pen tests
- Recommended tools in this space
- Vulnerability scanning tools
- Vulnerability Management tools
- Future-ready vulnerability management programs
- Plan to cut across all the layers
- Maturity model for vulnerability management (VM)
- Phase 1 - Initial stage
- Phase 2 - Managed stage
- Phase 3 - Defined stage
- Phase 4 - Quantitatively managed stage
- Phase 5 - Optimized stage
- Recommended approach and best practices
- Conclusion
- Questions

8. Critical Infrastructure Component of Cloud and Data Classification
- Structure
- Objectives
- Overview of infrastructure components of the cloud ecosystem
- Components of private cloud infrastructure
- Cloud infrastructure deployment models
- Securing your cloud components
- Security around your data center and private cloud
- Securing virtualization layer
- Sprawl VM
- Data that is highly sensitive in a virtual machine
- Offline and dormant virtual machines (VMs) security
- Security of active VMs and pre-configured (golden image) VMs
- Virtual networks are difficult to see and control because of a lack of visibility
- Using the self-service portal to hijack an account or a service
- APIs from CSP pose a threat
- Storage services on the public cloud
- The risk associated with private cloud
- Breach of security
- Concerns about physical safety
- Capacity purchased too much or too little
- Concerns about compliance
- Issues with productivity
- Securing private cloud
- The approach to secure private cloud
- Hybrid cloud security
- Security challenges with hybrid cloud
- Hybrid cloud security strategy
- Multi-cloud Security
- The business benefit from the multi-cloud strategy
- Key security considerations for multi-cloud strategy
- Recommendation to improve multi-cloud security
- Key Consideration for Cloud Security
- Overview and concept understanding of data classification
- Data classification - definition
- Need for data classification
- The benefit of data classification
- Challenges to data classification
- Level of data sensitivity
- Data classification types
- The building block of data classification
- Data classification process
- Deep dive into the shared responsibility model
- Cloud service provider (CSP) responsibilities
- Core cloud team roles and responsibilities
- Recommended approach and best practices for data classification
- Conclusion
- Questions

Section - III: Assurance Framework (the RUN Mode) and Adoption of Regulatory Standards

9. Importance of Regulatory Requirements and Business Continuity
- Structure
- Objectives
- Overview and concept understanding of compliance
- Compliance definition
- Types of data subjected to compliance
- Regulatory compliance definition
- Importance of regulatory compliance
- Business benefits of cybersecurity compliance
- Consequences of non-compliance
- Understanding of cybersecurity frameworks
- NIST
- NIST 800-53
- ISO/IEC 27001
- CIS
- PCI DSS
- Business alignment with framework and regulations
- Cloud-based compliance requirements
- Organization developing cloud compliance
- Widely adopted cloud compliance
- Selecting the right compliance for your business
- An approach to the compliance program
- Identification of the data types and the requirements that may apply
- Create a compliance team and CISO appointment
- Create a risk assessment methodology
- Risk and vulnerability assessment
- Choose the right framework
- Implement technical controls based on framework and risk tolerance
- Set up policies, procedures, and process controls
- Monitor, review, and respond regularly
- Alignment of organizational compliance and security goals
- Budgetary alignment
- Strategic alignment
- Control alignment
- Summary
- Overview and concept understanding of business continuity
- Importance of business continuity
- Business continuity planning (BCP)
- Development of Business Continuity Plan (BCP)
- Importance of business continuity planning
- Key components of the BCP
- Readiness of BCP
- Business Continuity Management (BCM)
- Mapping business continuity with associated standards
- Business impact analysis (BIA)
- BIA execution approach
- BIA result analysis
- Sample questionnaire you should consider while planning your BIA
- Summary
- Recommendation for integrating cybersecurity with business continuity
- Recommendations to ensure compliance for organizations
- Conclusion
- Questions
- References and useful links

10. Risk Management - Life Cycle
- Structure
- Objectives
- Overview of and understanding risk management
- Cybersecurity risk management - definition
- Risk calculation
- Cybersecurity risk management framework
- Importance of cybersecurity risk management
- The key consideration for cybersecurity risk management
- Create a cybersecurity risk management strategy
- Developing the cybersecurity risk management plan
- Measures to reduce cybersecurity risks (risk treatment plan)
- Continual monitoring
- Role of internal audits and compliance in cybersecurity risk management
- Risk appetite, scorecard, and prioritization
- Factors influencing the risk appetite
- To calculate your risk appetite
- The key consideration to defining risk appetite for your organization
- Best practices for cybersecurity risk assessment
- Integrate cybersecurity into your enterprise risk management framework
- Locate workflows that add value
- Make cyber risks a top priority
- Regular risk assessments should be implemented
- Best practices for cybersecurity risk management
- Go with a risk-based approach
- Adoption of a cybersecurity risk strategy
- Adoption of cybersecurity risk management framework
- Conclusion
- Questions

11. People, Process, and Awareness
- Structure
- Objectives
- Importance of roles and responsibilities in cybersecurity
- Guidelines
- Roles and responsibilities
- To create an effective cybersecurity team
- Critical roles in your security organization
- Critical team in your security organization
- Partner ecosystem
- Summary
- Insourcing and outsourcing
- Understand the difference between insourcing and outsourcing
- Resource demand and capacity management
- Define resource transparency requirements
- Define roles and not skills and names
- Human resources should be in charge of resource breakdown
- Role of HR in cybersecurity
- Determine a company’s risk exposure
- Employee data access and control
- Assistance in the development of security policy
- Encourage the adoption of a cyber-safety mindset
- Cybersecurity training for employees
- Establishing a strong partner ecosystem
- Key considerations while choosing the right partner
- Third-party risk, vendor risk, and supply chain risk
- Mitigating third-party risks in supply chain management
- Third-party risk management audit
- The implication of third-party failure
- Adoption of cybersecurity in project management
- Define the boundaries of the information system
- Best practices for Supply Chain Risk Management (SCRM)
- Determine the risks that have been identified
- Security awareness training
- Cybersecurity awareness and its importance
- Benefits of awareness training
- Best practices to adopt for security awareness
- Best practices while adapting HR function for cybersecurity
- Conclusion
- Questions
- References

12. Threat Intelligence and Next-generation SIEM Solution
- Structure
- Objectives
- Concept understanding of threat intelligence
- Common indicators of compromise (IoC)
- Importance of threat intelligence in cybersecurity space
- Threat intelligence types
- Threat intelligence lifecycle
- Lifecycle steps
- Audience who gets benefits out of threat intelligence
- Advanced persistent threats (APT)
- Working principle of APT attack
- Characteristics of APT attacks
- Importance of speed in APT protection
- Threat hunting
- Proactive threat hunting process
- Threat hunting methodologies
- Best practices to adopt for threat hunting
- Recommended open-source threat Intel feeds
- AlienVault Open Threat Exchange
- Cisco Talos Intelligence
- The Spamhaus Project
- Internet Storm Center (SANS)
- Google Safe Browsing
- Threat Intelligence platform
- IBM X-Force Exchange
- Anomali ThreatStream
- Palo Alto Networks Cortex XSOAR TIM
- Mandiant Threat Intelligence Suite
- ThreatConnect
- Security Incident Event Management (SIEM) overview
- Traditional SIEM solutions
- Next-generation SIEM Solution
- Next-generation SIEM features
- Need for next-generation SIEM Solution and Core tenets
- Conceptual building blocks of next-generation SIEM Architecture
- Behavioral analytics
- Cloud deployment
- Incident response
- Data enrichment
- Packaged content
- Key considerations while selecting next-generation SIEM Solution
- Deployment in the Cloud vs. On-Prem
- Analytics
- Estimation of costs
- Configurations for alerts
- Regulations on compliance and auditing
- Architecture, technology, and adoption path
- Capabilities and components to be considered
- Logging process of SIEM
- The log flow
- SIEM integration
- Choosing the right model for your business
- Sizing guidelines for SIEM solution
- Change in architecture - traditional vs next-generation
- Strategy to evaluate and adopt next-generation SIEM solution
- Establishing the business case
- Plan for requirements
- Develop a selection process
- The evaluation process for potential vendors
- Proof of concept (POC)
- Proceed with selected vendor
- Recommended vendors for next-Gen SIEM solution
- Azure Sentinel
- Elastic Stack
- Exabeam
- LogRhythm
- Rapid7 Insight IDR
- Securonix
- Splunk
- Best practices and the maturity path of next-generation SIEM solution
- SIEM use cases: define and implement
- SIEM correlation rules tuning
- SIEM maturity model
- Conclusion
- Questions

13. Cloud Security Posture Management (CSPM)
- Structure
- Objectives
- Overview of Cloud Security Posture Management (CSPM)
- Definition
- Key credentials of CSPM
- Need for CSPM in the current landscape
- Reason for misconfiguration in Cloud
- How is CSPM solving the Cloud misconfiguration Issues?
- Importance of CSPM
- Use cases of CSPM
- Working principle of CSPM
- Finding and getting noticed
- Management and remediation of misconfigurations
- Threat detection in real time
- Integration of DevSecOps
- Key considerations while selecting CSPM for your business
- Business consideration
- Technical consideration
- Operational consideration
- Adoption Path
- Collaboration between departments
- Multi-cloud deployment scenario
- Concerns while deploying CSPM with a multi-cloud environment
- Potential solution
- Leading vendors in this space
- Check Point’s CloudGuard
- Orca Security
- Prisma Cloud from Palo Alto Networks
- Trend Micro (Cloud Conformity)
- Zscaler
- Best practices around CSPM
- Conclusion
- Questions

Section - IV: Cybersecurity Strategy Guidelines, Templates, and Recommendations

14. Implementation of Guidelines and Templates
- Structure
- Objectives
- Current challenges you face in your cybersecurity landscape
- Pillars of cybersecurity strategy
- Develop a step-by-step strategy for cybersecurity
- Gap analysis
- The key consideration for executing the gap analysis exercise
- Gap Analysis template
- Defense in-depth approach
- Cybersecurity strategy plan - template
- Strategic goal development
- Scope defining
- Identify the requirements and develop objectives
- Establish key performance indicators (KPI)
- Real-time examples of KPI for cybersecurity domain
- Identification of key stakeholders
- Determining the resource requirement
- Develop a communication strategy
- Implement strategy
- Review the progress
- Conclusion
- Questions

15. Best Practices and Recommendations
- Structure
- Objectives
- Overview and need of the hour
- Network security best practices
- Data security best practices
- Best practices for managing and securing service accounts
- Recommended technologies for your maturity roadmap
- Deep dive to zero trust
- Zero trust and NIST 800-27
- Zero trust principles
- Adoption path of zero trust
- Deep dive to SD-WAN
- SD-WAN security
- Quick wins with SD-WAN
- Role of SD-WAN in cybersecurity strategy
- Deep dive to Secure Service Edge (SSE)
- Core functionalities of SSE
- Benefits of SSE over the traditional setup
- Selection criteria for SSE
- Adoption of AI and ML
- Influence of AI and ML in cybersecurity space
- Use cases for ML
- Digital Forensics and Incident Response (DFIR)
- Importance of DFIR in cybersecurity
- Best practices around DFIR
- Key considerations while selecting an open-source technology stack
- Satisfaction of a requirement
- Skill set
- Community Support
- Documentation
- Security
- Conclusion
- Questions

Index