Cybersecurity First Principles a reboot of strategy and tactics
Other Authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Hoboken, NJ : John Wiley & Sons, Inc [2023] |
Subjects: | |
View at Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009752726406719 |
Table of Contents:
- Cover
- Title Page
- Copyright Page
- About the Author
- About The Technical Editors
- Acknowledgments
- Contents
- Contents
- Who We Are
- Foreword
- Introduction
- Who Is This Book For?
- What the Book Covers
- Writing Conventions
- Cybersecurity
- Cybersecurity Professionals
- Organizations
- The Cybersecurity Canon Project
- Rick's War Stories
- Book Website
- Road Map
- Chapter 1 First Principles
- Overview
- What Are First Principles?
- Prior Research on Cybersecurity First Principles
- What Is the Atomic Cybersecurity First Principle?
- Is CIA an Absolute First Principle?
- Is Patching an Absolute First Principle?
- Is Preventing Malware an Absolute First Principle?
- Is Incident Response an Absolute First Principle?
- Is Adherence to Security Frameworks an Absolute First Principle?
- Is Adherence to Compliance Regulations an Absolute First Principle?
- The Atomic Cybersecurity First Principle
- Conclusion
- Chapter 2 Strategies
- Overview
- Strategies vs. Tactics
- What Are the Essential Strategies Required for a First Principle Infosec Program?
- Zero Trust Strategy Overview
- Intrusion Kill Chain Prevention Strategy Overview
- Resilience Strategy Overview
- Risk Forecasting Strategy Overview
- Automation Strategy Overview
- Conclusion
- Chapter 3 Zero Trust
- Overview
- The Use Case for Zero Trust: Edward Snowden
- Zero Trust: Overhyped in the Market but. . .
- Cyber Hygiene, Defense in Depth, and Perimeter Defense: Zero Trust Before We Had Zero Trust
- Zero Trust Is Born
- Zero Trust Is a Philosophy, Not a Product
- Meat-and-Potatoes Zero Trust
- Logical and Micro Segmentation
- Vulnerability Management: A Zero Trust Tactic
- Vulnerability Management as an Intelligence Task
- Software Bill of Materials: A Zero Trust Tactic
- Automobile Manufacturing Is Similar to DevOps
- Commercial Code Is Open-Source Code
- Software Supply Chain and Cybersecurity First Principles
- Pertinent SBOM Standards
- Presidential Directive
- Three Tools for Supply-Chain Risk Reduction
- A Bright Future for SBOMs
- Identity Management: A Tactic for Zero Trust
- IAM: IGA and PIM and PAM, Oh My!
- Single Sign-On: A Zero Trust Tactic
- OAuth Process
- SAML Process
- Two-Factor Authentication: A Tactic for Zero Trust
- Types of Two-Factor Authentication
- SMS Verification
- Email Verification
- Authenticator Soft Tokens (Like Google Authenticator, ID.me, Blizzard's Battlenet, and LastPass)
- Push Authentication (from Google, Apple, Microsoft, and Twitter)
- Universal 2nd Factor Authentication
- How Secure Is Two Factor Authentication?
- The Future of Two-Factor Authentication
- Software-Defined Perimeter: A Tactic for Zero Trust
- Software-Defined Perimeter Becomes a New Model
- Why Zero Trust Projects Fail
- Conclusion
- Chapter 4 Intrusion Kill Chain Prevention
- Overview
- The Beginnings of a New Idea
- The Lockheed Martin Kill Chain Paper
- The Kill Chain Model
- Adversary Motivations: Cyber Warfare Morphing Into Low-Level Cyber Conflict
- The Lockheed Martin Cyber Kill Chain Is Great, but. . .
- Kill Chain Models
- The MITRE ATT&CK Framework
- The Department of Defense's Diamond Model
- Some Thoughts About Attribution
- How Many Active Adversary Playbooks Are There?
- The Adversary Intelligence Trifecta: Kill Chain, ATT&CK, and Diamond
- Security Operations Centers: A Tactic for Intrusion Kill Chain Prevention
- Orchestrating the Security Stack: An Intrusion Kill Chain Prevention Tactic
- Cyber Threat Intelligence: A Tactic for All First Principles Strategies but Primarily for Intrusion Kill Chain Prevention
- Cyber Threat Intelligence Operations As a Journey
- Red/Blue/Purple Team Operations: A Tactic for Intrusion Kill Chain Prevention
- Intelligence Sharing: A Tactic for Intrusion Kill Chain Prevention
- Conclusion
- Chapter 5 Resilience
- Overview
- What Is Resilience?
- Resilience Examples
- IT Resilience and Infosec Resilience
- Resilience vs. Resiliency Planning
- Herding the Cats: Responsibility Assignment Matrices
- How to Think About Resilience
- Crisis Handling: A Tactic for Resilience
- RSA Security: A Case Study in Crisis Communications
- Equifax: A Case Study in Crisis Communications
- Desired Outcomes
- Executives Are Busy: Exercise Them Efficiently
- Backups: A Tactic for Resilience
- Backups As a Strategy Against Ransomware
- Option 1: Centralized Backup Platforms for All Data Islands
- Option 2: One-Off Decentralized Backup Systems
- Option 3: DevOps (DevSecOps) for Each Application
- How Do You Get to Carnegie Hall? Practice
- Encryption: A Tactic for Resilience
- Data at Rest and Data in Motion
- The First Principle Encryption Tactic Is Recursive
- Incident Response: A Tactic for Resilience
- The NIST Guides on Cybersecurity and Incident Response
- The Technical Side of Incident Response
- Conclusion
- Chapter 6 Risk Forecasting
- Overview
- Superforecasting, Fermi Estimates, and Black Swans
- Superforecaster Superpowers
- People Don't Think in Terms of Probabilities but Should
- Is Osama Bin Laden in the Bunker?
- Fermi Estimates Are Good Enough
- Black Swans and Resilience
- Changing My Mind
- Bayes Rule: A Different Way to Think About Cybersecurity Risk
- Bayes' Theorem
- Using Bayes to Defeat the Germans in WWII
- Consider the Bayes Rule for Cybersecurity Risk Forecasting
- Risk Forecasting with the Bayes Rule: A Practical Example
- But Wait, What About Me?
- How Do You Incorporate This New Data?
- An Inside-Out Analysis: The First Principles
- An Inside-Out Analysis: The Contoso Corporation
- For the Contoso General View of the Business
- For the Contoso Technical Architecture
- For the Contoso Zero Trust Deployment
- For the Contoso Resilience Deployment
- For the Contoso Intrusion Kill Chain Deployment
- An Inside-Out Analysis: First Principle Strategies
- What Now? Are We Within the Risk Tolerance of the Business?
- Conclusion
- Chapter 7 Automation
- Overview
- Why Security Automation Is Essential
- Early History of Software Development Philosophies
- Agile Becomes the Challenger
- When Do We Start Thinking About Security?
- Coding the Infrastructure
- DevSecOps: An Essential Tactic for Automation
- What Happened to Security?
- DevSecOps on Track
- DevSecOps As a First Principle Strategy
- Final Thoughts About Automation As a Strategy
- Compliance: A First Principle Tactic That Cuts Across All Strategies
- Compliance Industry
- Two Compliance Categories: Ticket to Ride, Penalties, and Fines
- The Probability of Material Impact Due to Noncompliance
- Is Compliance a First Principle Tactic?
- Chaos Engineering for Automation and Resilience
- History of Chaos Engineering
- What Does Chaos Engineering Have to Do with Automation and Resilience?
- Conclusion
- Chapter 8 Summation
- Overview
- Zero Trust
- Intrusion Kill Chain Prevention
- Resilience
- Risk Forecasting
- Automation
- Conclusion
- Index
- EULA