Princeton University Library Catalog
Cybersecurity threats, malware trends, and strategies : discover risk mitigation strategies for modern threats to your organization / Tim Rains, Timothy Youngblood.
Author
Rains, Tim
Format
Book
Language
English
Edition
Second edition.
Published/Created
Birmingham, England ; Mumbai : Packt Publishing, [2023]
Description
1 online resource (585 pages)
Details
Subject(s)
Computer security
Cyberterrorism
Malware (Computer software)
Author
Youngblood, Timothy
Series
Expert insight.
Summary note
Tim Rains is Microsoft's former Global Chief Security Advisor and Amazon Web Services' former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations all over the world on cybersecurity strategies. Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you'll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You'll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud. By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization's cybersecurity strategy.
Source of description
Description based on print version record.
Contents
Cover
Copyright page
Contributors
Preface
Chapter 1: Introduction
Different types of CISOs: "The CISO Spectrum"
How organizations get initially compromised and the cybersecurity fundamentals
Unpatched vulnerabilities
Security misconfigurations
Weak, leaked, and stolen credentials
Social engineering
Insider threats
Focus on the cybersecurity fundamentals
Understanding the difference between attackers' motivations and tactics
Summary
References
Chapter 2: What to Know about Threat Intelligence
What is threat intelligence?
Where does CTI data come from?
Using threat intelligence
The key to using threat intelligence
Threat intelligence sharing
CTI sharing protocols
Traffic Light Protocol
STIX and TAXII
Reasons not to share CTI
How to identify credible cyber threat intelligence
Data sources
Time periods
Recognizing hype
Predictions about the future
Vendors' motives
Chapter 3: Using Vulnerability Trends to Reduce Risk and Costs
Introduction
Vulnerability Management Primer
Vulnerability Disclosure Data Sources
Industry Vulnerability Disclosure Trends
Vendor and Product Vulnerability Trends
Reducing Risk and Costs - Measuring Vendor and Product Improvement
Microsoft Vulnerability Trends
Oracle Vulnerability Trends
Google Vulnerability Trends
Debian Vulnerability Trends
Apple Vulnerability Trends
Vendor Vulnerability Trend Summary
Operating System Vulnerability Trends
Google Android Vulnerability Trends
Apple iOS Vulnerability Trends
Mobile Operating System Summary
Microsoft Windows 10 Vulnerability Trends
Apple macOS Vulnerability Trends
Desktop Operating System Summary
Ubuntu Linux Vulnerability Trends
Linux Kernel Vulnerability Trends.
Microsoft Windows Server 2016 Vulnerability Trends
Server Operating System Summary
Web Browser Vulnerability Trends
Apple Safari Vulnerability Trends
Google Chrome Vulnerability Trends
Web Browser Summary
Vulnerability Improvement Framework Summary
Vulnerability Management Guidance
Chapter 4: The Evolution of Malware
Why is there so much malware on Windows compared to other platforms?
The Malicious Software Removal Tool
Real-time anti-malware tools
Non-security data sources
About malware
How malware infections spread
Trojans
Potentially unwanted software
Exploits and exploit kits
Worms
Ransomware
Viruses
Browser modifiers
Measuring malware prevalence
Global Windows malware infection analysis
Regional Windows malware infection analysis
The threat landscape in the Middle East and Northern Africa
10-year regional report card for the Middle East and Northern Africa
The threat landscape in the European Union and Eastern Europe
10-year regional report card for the European Union
10-year regional report card for select Eastern European locations
The threat landscape in select locations in Asia and Oceania
10-year regional report card for Asia and Oceania
The threat landscape in select locations in the Americas
10-year regional report card for the Americas
Regional Windows malware infection analysis conclusions
What does this all mean for CISOs and enterprise security teams?
Global malware evolution
Global malware evolution conclusions
The evolution of ransomware
Delivery mechanisms
Execution mechanisms
Ransom payment methods
Ransom demands and communications
Business model
The great debate - are anti-malware solutions really worthwhile?
References.
Chapter 5: Internet-Based Threats
A typical attack
Phishing attacks
Mitigating phishing
Drive-by download attacks
Mitigating drive-by download attacks
Malware-hosting sites
Mitigating malware distribution
Post compromise - botnets and DDoS attacks
Chapter 6: The Roles Governments Play in Cybersecurity
The pursuit of happiness
Governments as cybersecurity market participants
Governments as standards bodies
Governments as enforcers
Regulators
Law enforcement
Governments as defenders
Public safety
National security
Military
Chapter 7: Government Access to Data
Understanding government access to data
The signals intelligence scenario
The unlawful government access to data scenario
The lawful government access to data scenario
Lawful government access to data
The CLOUD Act and the PATRIOT Act
Managing the risk of government access to data
The volume of law enforcement requests
The probability of US law enforcement accessing data in the cloud
The GDPR, FISA Section 702, and Schrems II
The Probability of US Intelligence Accessing Data in the Cloud
Mitigating government access to data
Setting and understanding the scope
Setting realistic objectives
Planning data protection controls
Conclusion
Chapter 8: Ingredients for a Successful Cybersecurity Strategy
What is a cybersecurity strategy?
Other ingredients for a successful strategy
Business objective alignment
Cybersecurity vision, mission, and imperatives
Senior executive and board support
Understand the risk appetite
Realistic view of current cybersecurity capabilities and technical talent
Compliance program and control framework alignment.
An effective relationship between cybersecurity and IT
Security culture
Chapter 9: Cybersecurity Strategies
Measuring the efficacy of cybersecurity strategies
Cybersecurity strategies
Protect and Recover Strategy
CFSS score
Protect and Recover Strategy summary
Endpoint Protection Strategy
Endpoint Protection Strategy summary
Physical control and security clearances as a security strategy
Physical Control and Security Clearances Strategy summary
Compliance as a Security Strategy
Compliance as a Security Strategy summary
Application-Centric Strategy
Application-Centric Strategy summary
Identity-Centric Strategy
Identity-Centric Strategy summary
Data-Centric Strategy
Data-Centric Strategy summary
Attack-Centric Strategy
Attack-Centric Strategy summary
Zero Trust
Cybersecurity strategies summary
DevOps and DevSecOps
Chapter 10: Strategy Implementation
What is an Intrusion Kill Chain?
Modernizing the Kill Chain
Mapping the Cybersecurity Usual Suspects
Updating the matrix
Intrusion Kill Chain or ATT&CK?
Getting started
Maturity of current cybersecurity capabilities
Pervasiveness of current cybersecurity capabilities
Who consumes the data?
Cybersecurity license renewals
Implementing this strategy
Rationalizing the matrix - gaps, under-investments, and over-investments
Identifying gaps
Identifying areas of under-investment
Identifying areas of over-investment
Planning your implementation
Designing control sets
Attack phase - Reconnaissance I
Example controls for Reconnaissance I
Insights from ATT&CK.
Attack phase - Delivery
Example controls for Delivery
Insights from ATT&CK
Attack phase - Exploitation
Example controls for Exploitation
Attack phase - Installation
Example controls for Installation
Attack phase - Command and Control (C2)
Example controls for C2
Attack phase - Reconnaissance II
Example controls for Reconnaissance II
Attack phase - Actions on Objectives
Example controls for Actions on Objectives
Chapter 11: Measuring Performance and Effectiveness
Using vulnerability management data
Assets under management versus total assets
Known unpatched vulnerabilities
Unpatched vulnerabilities by severity
Vulnerabilities by product type
Measuring the performance and efficacy of an Attack-Centric Strategy
Performing intrusion reconstructions
Using intrusion reconstruction results
Identifying lame controls
Learning from failure
Identifying helpful vendors
Informing internal assessments
Adversary emulations leveraging ATT&CK
Chapter 12: Modern Approaches to Security and Compliance
How is cloud computing different?
Cloud Service Providers versus Managed Service Providers
Migrating to the cloud
Cybersecurity assessment questionnaires
Security and compliance game changers
The power of APIs
The advantages of automation
Mitigating insider threat and social engineering
Mitigating unpatched vulnerabilities
Mitigating security misconfigurations
Mitigating weak, leaked and stolen credentials
Security and compliance game changers - summary.
Using cybersecurity strategies in the cloud.
ISBN
9781804618950
1804618950
OCLC
1367350753