Chapter summary
I covered a lot of ground in this chapter. But the context I provided here will be helpful for readers throughout the rest of this book. In this chapter, I introduced the cybersecurity fundamentals, the cybersecurity usual suspects, High Value Assets (HVAs), and other concepts, that I will relentlessly refer to throughout the rest of this book.
What is a cybersecurity strategy? There are at least two critical inputs to a cybersecurity strategy: your organization's HVAs, and the specific requirements, threats, and risks that apply to your organization, informed by the industry you are in, the place(s) in the world where you do business, and the people associated with the organization. If an HVA's confidentiality, integrity, or availability is compromised, the organization will fail or be severely disrupted. Therefore, identifying HVAs and prioritizing protection, detection, and response for them is critical. This does not give security teams permission...