The Cybersecurity Playbook for Modern Enterprises: An end-to-end guide to preventing data breaches and cyber attacks

Length: 280 pages
Edition: 1
Language: English
Publisher: Packt Publishing
Publication Date: 2022-03-31
ISBN-10: 1803248637
ISBN-13: 9781803248639
Sales Rank: #0 (See Top 100 Books)

Learn how to build a cybersecurity program for a changing world with the help of proven best practices and emerging techniques

Key Features

Understand what happens in an attack and build the proper defenses to secure your organization
Defend against hacking techniques such as social engineering, phishing, and many more
Partner with your end user community by building effective security awareness training programs

Book Description

Security is everyone’s responsibility and for any organization, the focus should be to educate their employees about the different types of security attacks and how to ensure that security is not compromised.

This cybersecurity book starts by defining the modern security and regulatory landscape, helping you understand the challenges related to human behavior and how attacks take place. You’ll then see how to build effective cybersecurity awareness and modern information security programs. Once you’ve learned about the challenges in securing a modern enterprise, the book will take you through solutions or alternative approaches to overcome those issues and explain the importance of technologies such as cloud access security brokers, identity and access management solutions, and endpoint security platforms. As you advance, you’ll discover how automation plays an important role in solving some key challenges and controlling long-term costs while building a maturing program. Toward the end, you’ll also find tips and tricks to keep yourself and your loved ones safe from an increasingly dangerous digital world.

By the end of this book, you’ll have gained a holistic understanding of cybersecurity and how it evolves to meet the challenges of today and tomorrow.

What you will learn

Understand the macro-implications of cyber attacks
Identify malicious users and prevent harm to your organization
Find out how ransomware attacks take place
Work with emerging techniques for improving security profiles
Explore identity and access management and endpoint security
Get to grips with building advanced automation models
Build effective training programs to protect against hacking techniques
Discover best practices to help you and your family stay safe online

Who this book is for

This book is for security practitioners, including analysts, engineers, and security leaders, who want to better understand cybersecurity challenges. It is also for beginners who want to get a holistic view of information security to prepare for a career in the cybersecurity field. Business leaders looking to learn about cyber threats and how they can protect their organizations from harm will find this book especially useful. Whether you’re a beginner or a seasoned cybersecurity professional, this book has something new for everyone.

The Cybersecurity Playbook for Modern Enterprises: An end-to-end guide to preventing data breaches and cyber attacks
1 Protecting People, Information, and Systems – A Growing Problem
    Why cybercrime is here to stay – a profitable business model
    The macro-economic cost of cybercrime
        The global cost of identity theft
        Intellectual property and Western economies
        Micro-level impacts and responses to cybercrime
    The role of governments and regulation
        Industry regulation
        The growing need for data privacy regulation
        Data sovereignty regulations
        Workers’ councils
    The foundational elements of security
        People
        Information
        Systems
    The cybersecurity talent shortage
    Summary
    Check your understanding
    Further reading
2 The Human Side of Cybersecurity
    People exploiting people
        Social engineering techniques
        Stealing credentials
        Malicious software
    The three types of insider threats
        Well-meaning insiders
        Compromised accounts
        Malicious insiders
    Summary
    Check your understanding
    Further reading
3 Anatomy of an Attack
    Understanding the risk from targeted attacks
        Organized crime
        State-sponsored actors and military operations
        Hacktivists and terrorists
        Insider threats
        Risk treatment planning
    Stages of an attack
    Extortion
        Gaining access to target systems
        Installing malicious software
        Spreading the infection
        Notifying the victim and making demands
    Stealing information
        Identifying what to steal
        Gaining access to information
        Aggregating information
        Exfiltrating information
        Generating economic benefit
    System disruption or destruction
        Attacks on critical infrastructure
        Revenge attacks
        Cyber weapons of war
    Attackers for hire
        Dark web forums
        Malware as a Service
    Summary
    Check your understanding
    Further reading
4 Protecting People, Information, and Systems with Timeless Best Practices
    The most important threat vector
        Email attacks by the numbers
        Types of email-based attacks
    Time-honored best practices that could stop most breaches
        Concept of Least Privilege
        Need to Know
        Role-Based Access Control
        Identity Management
        Vulnerability management and patching
    Capabilities necessary in the remote world
        Factors of authentication
        Why your password is meaningless
        Multifactor authentication
        Network segmentation
        Allowed applications
    The role of human behavior
        Behavior analysis for authentication
        Behavior analysis for anomaly detection
        Adaptive security in human behavior
    The everything, everywhere world
    Summary
    Check your understanding
    Further reading
5 Protecting against Common Attacks by Partnering with End Users
    A framework for effective training
        Frequency
        Content
        Scope
    Making your people your partners
        Making people active participants
        Simulations are better than presentations
        Educating about data
    Training people to protect against common hacking techniques
        Social engineering awareness
        Phishing training and prevention
        Technologies supporting people
    Tabletop exercises
    Summary
    Check your understanding
    Further reading
6 Information Security for a Changing World
    Frames of reference
        Military connection
        Security triumvirates
    Challenges with the traditional information security model
    Protecting information
        Challenges of information protection
        Protecting information is a critical capability
        Mapping data flows
        Cross-functional collaboration
    Securing networks and workloads – past, present, and future
        Securing networks
        Securing cloud workloads
    Securing identities and granting access
        Verifying identities
        Granting access
        Permissions accumulation
        Human behavior
    Securing endpoints
    Summary
    Check your understanding
    Further reading
7 Difficulty Securing the Modern Enterprise (with Solutions!)
    Cybersecurity talent shortage
        Not enough people!
        Services can help!
        Automation
    Too much technology with too little process
        Console whiplash
        Siloed programs
        Lack of business involvement
    What are we trying to accomplish?
        Cyber risk is business risk
        Risk treatment planning
        Looking for material risk factors
    Lack of continuing education
        The pace of change
        Updating certain skills
        Applying timeless concepts
    Summary
    Check your understanding
    Further reading
8 Harnessing Automation Opportunities
    Defining automation opportunities
        A brief introduction to finance
        Mapping a task by its cost basis
        Documenting manual processes
        Automating processes
    Gathering data and applying context
        Ethics in AI
    Testing the systems
        Confusion matrix
        Hybrid implementations
    How attackers can leverage automation
    Summary
    Check your understanding
    Further reading
9 Cybersecurity at Home
    Protecting children and teaching them about online safety
        The permanence of social media
        The truth behind the façade
        The danger lurking online
    Password managers
    Multifactor authentication
    Password complexity and why it matters
    Stop publishing your information!
        Scraping
    Summary
    Check your understanding
    Further reading

Donate to keep this site alive

To access the Link, solve the captcha.

How to download source code?

1. Go to: https://github.com/PacktPublishing

2. In the Find a repository… box, search the book title: The Cybersecurity Playbook for Modern Enterprises: An end-to-end guide to preventing data breaches and cyber attacks, sometime you may not get the results, please search the main title.