Book Image

The Cybersecurity Playbook for Modern Enterprises

By : Jeremy Wittkop
Book Image

The Cybersecurity Playbook for Modern Enterprises

By: Jeremy Wittkop

Overview of this book

Security is everyone's responsibility and for any organization, the focus should be to educate their employees about the different types of security attacks and how to ensure that security is not compromised. This cybersecurity book starts by defining the modern security and regulatory landscape, helping you understand the challenges related to human behavior and how attacks take place. You'll then see how to build effective cybersecurity awareness and modern information security programs. Once you've learned about the challenges in securing a modern enterprise, the book will take you through solutions or alternative approaches to overcome those issues and explain the importance of technologies such as cloud access security brokers, identity and access management solutions, and endpoint security platforms. As you advance, you'll discover how automation plays an important role in solving some key challenges and controlling long-term costs while building a maturing program. Toward the end, you'll also find tips and tricks to keep yourself and your loved ones safe from an increasingly dangerous digital world. By the end of this book, you'll have gained a holistic understanding of cybersecurity and how it evolves to meet the challenges of today and tomorrow.
Table of Contents (15 chapters)
1
Section 1 – Modern Security Challenges
5
Section 2 – Building an Effective Program
9
Section 3 – Solutions to Common Problems

How attackers can leverage automation

Of course, attackers have access to the same technological capabilities as defenders. Like security professionals, attackers have experts creating technology for them, helping them with consulting and expertise on demand, and generally making their jobs easier. It is similar with automation. If AI algorithms are good at pattern recognition, this provides an opportunity for attackers to use those capabilities for nefarious purposes.

For example, could it be possible to train a machine learning algorithm on a list of best practices for incident response and teach a piece of malicious code to evade commonly deployed countermeasures? I couldn't imagine why not. Could attackers build self-healing worms that use multi-stage attacks to defeat commonly deployed security technologies? I think those types of sophisticated attacks are already happening.

The key point is to raise awareness that at its heart, security is about people attacking people...