Cybersecurity threats, malware trends, and strategies : discover risk mitigation strategies for modern threats to your organization / Tim Rains, Timothy Youngblood.

Author
Rains, Tim
Format
Book
Language
English
Edition
Second edition.
Published/Created
Birmingham, England ; Mumbai : Packt Publishing, [2023]
Description
1 online resource (585 pages)

Series
Expert insight.
Summary note
Tim Rains is Microsoft's former Global Chief Security Advisor and Amazon Web Services' former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations around the world on cybersecurity strategies. Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition, which has helped many aspiring CISOs and cybersecurity professionals understand and develop effective, data-driven cybersecurity strategies for their organizations. In this edition, you'll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat into the most feared threat in cybersecurity. You'll also gain insight into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud. By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization's cybersecurity strategy.
Source of description
Description based on print version record.
Contents
  • Cover
  • Copyright page
  • Contributors
  • Preface
  • Chapter 1: Introduction
  • Different types of CISOs: "The CISO Spectrum"
  • How organizations get initially compromised and the cybersecurity fundamentals
  • Unpatched vulnerabilities
  • Security misconfigurations
  • Weak, leaked, and stolen credentials
  • Social engineering
  • Insider threats
  • Focus on the cybersecurity fundamentals
  • Understanding the difference between attackers' motivations and tactics
  • Summary
  • References
  • Chapter 2: What to Know about Threat Intelligence
  • What is threat intelligence?
  • Where does CTI data come from?
  • Using threat intelligence
  • The key to using threat intelligence
  • Threat intelligence sharing
  • CTI sharing protocols
  • Traffic Light Protocol
  • STIX and TAXII
  • Reasons not to share CTI
  • How to identify credible cyber threat intelligence
  • Data sources
  • Time periods
  • Recognizing hype
  • Predictions about the future
  • Vendors' motives
  • Chapter 3: Using Vulnerability Trends to Reduce Risk and Costs
  • Introduction
  • Vulnerability Management Primer
  • Vulnerability Disclosure Data Sources
  • Industry Vulnerability Disclosure Trends
  • Vendor and Product Vulnerability Trends
  • Reducing Risk and Costs - Measuring Vendor and Product Improvement
  • Microsoft Vulnerability Trends
  • Oracle Vulnerability Trends
  • Google Vulnerability Trends
  • Debian Vulnerability Trends
  • Apple Vulnerability Trends
  • Vendor Vulnerability Trend Summary
  • Operating System Vulnerability Trends
  • Google Android Vulnerability Trends
  • Apple iOS Vulnerability Trends
  • Mobile Operating System Summary
  • Microsoft Windows 10 Vulnerability Trends
  • Apple macOS Vulnerability Trends
  • Desktop Operating System Summary
  • Ubuntu Linux Vulnerability Trends
  • Linux Kernel Vulnerability Trends
  • Microsoft Windows Server 2016 Vulnerability Trends
  • Server Operating System Summary
  • Web Browser Vulnerability Trends
  • Apple Safari Vulnerability Trends
  • Google Chrome Vulnerability Trends
  • Web Browser Summary
  • Vulnerability Improvement Framework Summary
  • Vulnerability Management Guidance
  • Chapter 4: The Evolution of Malware
  • Why is there so much malware on Windows compared to other platforms?
  • The Malicious Software Removal Tool
  • Real-time anti-malware tools
  • Non-security data sources
  • About malware
  • How malware infections spread
  • Trojans
  • Potentially unwanted software
  • Exploits and exploit kits
  • Worms
  • Ransomware
  • Viruses
  • Browser modifiers
  • Measuring malware prevalence
  • Global Windows malware infection analysis
  • Regional Windows malware infection analysis
  • The threat landscape in the Middle East and Northern Africa
  • 10-year regional report card for the Middle East and Northern Africa
  • The threat landscape in the European Union and Eastern Europe
  • 10-year regional report card for the European Union
  • 10-year regional report card for select Eastern European locations
  • The threat landscape in select locations in Asia and Oceania
  • 10-year regional report card for Asia and Oceania
  • The threat landscape in select locations in the Americas
  • 10-year regional report card for the Americas
  • Regional Windows malware infection analysis conclusions
  • What does this all mean for CISOs and enterprise security teams?
  • Global malware evolution
  • Global malware evolution conclusions
  • The evolution of ransomware
  • Delivery mechanisms
  • Execution mechanisms
  • Ransom payment methods
  • Ransom demands and communications
  • Business model
  • The great debate - are anti-malware solutions really worthwhile?
  • References
  • Chapter 5: Internet-Based Threats
  • A typical attack
  • Phishing attacks
  • Mitigating phishing
  • Drive-by download attacks
  • Mitigating drive-by download attacks
  • Malware-hosting sites
  • Mitigating malware distribution
  • Post compromise - botnets and DDoS attacks
  • Chapter 6: The Roles Governments Play in Cybersecurity
  • The pursuit of happiness
  • Governments as cybersecurity market participants
  • Governments as standards bodies
  • Governments as enforcers
  • Regulators
  • Law enforcement
  • Governments as defenders
  • Public safety
  • National security
  • Military
  • Chapter 7: Government Access to Data
  • Understanding government access to data
  • The signals intelligence scenario
  • The unlawful government access to data scenario
  • The lawful government access to data scenario
  • Lawful government access to data
  • The CLOUD Act and the PATRIOT Act
  • Managing the risk of government access to data
  • The volume of law enforcement requests
  • The probability of US law enforcement accessing data in the cloud
  • The GDPR, FISA Section 702, and Schrems II
  • The Probability of US Intelligence Accessing Data in the Cloud
  • Mitigating government access to data
  • Setting and understanding the scope
  • Setting realistic objectives
  • Planning data protection controls
  • Conclusion
  • Chapter 8: Ingredients for a Successful Cybersecurity Strategy
  • What is a cybersecurity strategy?
  • Other ingredients for a successful strategy
  • Business objective alignment
  • Cybersecurity vision, mission, and imperatives
  • Senior executive and board support
  • Understand the risk appetite
  • Realistic view of current cybersecurity capabilities and technical talent
  • Compliance program and control framework alignment
  • An effective relationship between cybersecurity and IT
  • Security culture
  • Chapter 9: Cybersecurity Strategies
  • Measuring the efficacy of cybersecurity strategies
  • Cybersecurity strategies
  • Protect and Recover Strategy
  • CFSS score
  • Protect and Recover Strategy summary
  • Endpoint Protection Strategy
  • Endpoint Protection Strategy summary
  • Physical control and security clearances as a security strategy
  • Physical Control and Security Clearances Strategy summary
  • Compliance as a Security Strategy
  • Compliance as a Security Strategy summary
  • Application-Centric Strategy
  • Application-Centric Strategy summary
  • Identity-Centric Strategy
  • Identity-Centric Strategy summary
  • Data-Centric Strategy
  • Data-Centric Strategy summary
  • Attack-Centric Strategy
  • Attack-Centric Strategy summary
  • Zero Trust
  • Cybersecurity strategies summary
  • DevOps and DevSecOps
  • Chapter 10: Strategy Implementation
  • What is an Intrusion Kill Chain?
  • Modernizing the Kill Chain
  • Mapping the Cybersecurity Usual Suspects
  • Updating the matrix
  • Intrusion Kill Chain or ATT&CK?
  • Getting started
  • Maturity of current cybersecurity capabilities
  • Pervasiveness of current cybersecurity capabilities
  • Who consumes the data?
  • Cybersecurity license renewals
  • Implementing this strategy
  • Rationalizing the matrix - gaps, under-investments, and over-investments
  • Identifying gaps
  • Identifying areas of under-investment
  • Identifying areas of over-investment
  • Planning your implementation
  • Designing control sets
  • Attack phase - Reconnaissance I
  • Example controls for Reconnaissance I
  • Insights from ATT&CK
  • Attack phase - Delivery
  • Example controls for Delivery
  • Insights from ATT&CK
  • Attack phase - Exploitation
  • Example controls for Exploitation
  • Attack phase - Installation
  • Example controls for Installation
  • Attack phase - Command and Control (C2)
  • Example controls for C2
  • Attack phase - Reconnaissance II
  • Example controls for Reconnaissance II
  • Attack phase - Actions on Objectives
  • Example controls for Actions on Objectives
  • Chapter 11: Measuring Performance and Effectiveness
  • Using vulnerability management data
  • Assets under management versus total assets
  • Known unpatched vulnerabilities
  • Unpatched vulnerabilities by severity
  • Vulnerabilities by product type
  • Measuring the performance and efficacy of an Attack-Centric Strategy
  • Performing intrusion reconstructions
  • Using intrusion reconstruction results
  • Identifying lame controls
  • Learning from failure
  • Identifying helpful vendors
  • Informing internal assessments
  • Adversary emulations leveraging ATT&CK
  • Chapter 12: Modern Approaches to Security and Compliance
  • How is cloud computing different?
  • Cloud Service Providers versus Managed Service Providers
  • Migrating to the cloud
  • Cybersecurity assessment questionnaires
  • Security and compliance game changers
  • The power of APIs
  • The advantages of automation
  • Mitigating insider threat and social engineering
  • Mitigating unpatched vulnerabilities
  • Mitigating security misconfigurations
  • Mitigating weak, leaked and stolen credentials
  • Security and compliance game changers - summary
  • Using cybersecurity strategies in the cloud
ISBN
  • 9781804618950
  • 1804618950
OCLC
1367350753