Book Image

The Cybersecurity Playbook for Modern Enterprises

By : Jeremy Wittkop
Book Image

The Cybersecurity Playbook for Modern Enterprises

By: Jeremy Wittkop

Overview of this book

Security is everyone's responsibility and for any organization, the focus should be to educate their employees about the different types of security attacks and how to ensure that security is not compromised. This cybersecurity book starts by defining the modern security and regulatory landscape, helping you understand the challenges related to human behavior and how attacks take place. You'll then see how to build effective cybersecurity awareness and modern information security programs. Once you've learned about the challenges in securing a modern enterprise, the book will take you through solutions or alternative approaches to overcome those issues and explain the importance of technologies such as cloud access security brokers, identity and access management solutions, and endpoint security platforms. As you advance, you'll discover how automation plays an important role in solving some key challenges and controlling long-term costs while building a maturing program. Toward the end, you'll also find tips and tricks to keep yourself and your loved ones safe from an increasingly dangerous digital world. By the end of this book, you'll have gained a holistic understanding of cybersecurity and how it evolves to meet the challenges of today and tomorrow.

Related Content you might be interested in

Current Title:

Small book image
The Cybersecurity Playbook for Modern Enterprises
Jeremy Wittkop
Mar, 2022 | 280 pages
Small book image
The Art of Social Engineering
Desilda Toska | Cesar Bravo
Oct, 2023 | 234 pages
Small book image
Managing Risks in Digital Transformation
Ashish Kumar | Abbas Kudrati | Shashank Kumar
Apr, 2023 | 242 pages
Small book image
Hands-On Cybersecurity for Finance
Erdal Ozkaya | Milad Aslaner
Jan, 2019 | 308 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Get in touch
Share Your Thoughts
1
Section 1 – Modern Security Challenges
Section 1 – Modern Security Challenges
Free Chapter
2
Chapter 1: Protecting People, Information, and Systems – a Growing Problem
Chapter 1: Protecting People, Information, and Systems – a Growing Problem
Why cybercrime is here to stay – a profitable business model
The macro-economic cost of cybercrime
The role of governments and regulation
The foundational elements of security
The cybersecurity talent shortage
Summary
Check your understanding
Further reading
3
Chapter 2: The Human Side of Cybersecurity
Chapter 2: The Human Side of Cybersecurity
People exploiting people
The three types of insider threats
Summary
Check your understanding
Further reading
4
Chapter 3: Anatomy of an Attack
Chapter 3: Anatomy of an Attack
Understanding the risk from targeted attacks
Stages of an attack
Extortion
Stealing information
System disruption or destruction
Attackers for hire
Summary
Check your understanding
Further reading
5
Section 2 – Building an Effective Program
Section 2 – Building an Effective Program
6
Chapter 4: Protecting People, Information, and Systems with Timeless Best Practices
Chapter 4: Protecting People, Information, and Systems with Timeless Best Practices
The most important threat vector
Time-honored best practices that could stop most breaches
Capabilities necessary in the remote world
The role of human behavior
The everything, everywhere world
Summary
Check your understanding
Further reading
7
Chapter 5: Protecting against Common Attacks by Partnering with End Users
Chapter 5: Protecting against Common Attacks by Partnering with End Users
A framework for effective training
Making your people your partners
Training people to protect against common hacking techniques
Tabletop exercises
Summary
Check your understanding
Further reading
8
Chapter 6: Information Security for a Changing World
Chapter 6: Information Security for a Changing World
Frames of reference
Challenges with the traditional information security model
Protecting information
Securing networks and workloads – past, present, and future
Securing identities and granting access
Securing endpoints
Summary
Check your understanding
Further reading
9
Section 3 – Solutions to Common Problems
Section 3 – Solutions to Common Problems
10
Chapter 7: Difficulty Securing the Modern Enterprise (with Solutions!)
Chapter 7: Difficulty Securing the Modern Enterprise (with Solutions!)
Cybersecurity talent shortage
Too much technology with too little process
What are we trying to accomplish?
Lack of continuing education
Summary
Check your understanding
Further reading
11
Chapter 8: Harnessing Automation Opportunities
Chapter 8: Harnessing Automation Opportunities
Defining automation opportunities
Gathering data and applying context
Testing the system
How attackers can leverage automation
Summary
Check your understanding
Further reading
12
Chapter 9: Cybersecurity at Home
Chapter 9: Cybersecurity at Home
Protecting children and teaching them about online safety
Password managers
Multifactor authentication
Password complexity and why it matters
Stop publishing your information!
Summary
Check your understanding
Further reading
13
Answers
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Summary

The challenges facing modern security teams are immense and rapidly evolving. As many security practitioners lament, the security team must be right 100% of the time and an attacker only has to get lucky once. While attackers can and do get lucky from time to time, assuming attackers are attacking organizations or individuals blindly is a misunderstanding of the current threat landscape. In most public cases, attackers are not getting lucky. They are launching their attacks using well-researched tactics against the weakest parts of an organization's security posture. Many times, the source of the breach is an employee who was not supported properly by training and technology and made a mistake, or a system that was left vulnerable long after a patch for a security vulnerability was available. It is true that no matter how well a security program is built and managed, it will not be impenetrable. However, there are many best practices and strategies available that will limit the likelihood and impact of an attack.

After reading this chapter, you now understand why cybercrime is attractive to criminals and the impacts it has on the global economy. You've learned about costs associated with identity theft and the different types of intellectual property, and how the proper protections for a piece of intellectual property vary based on the type of intellectual property and the associated legal protections. You have learned about how governments are responding to cybersecurity challenges around the world across data privacy, data sovereignty, and workers' councils. Finally, you learned about the foundational elements of security and the cybersecurity talent shortage that is making it so difficult for organizations to secure their environments. This knowledge will help form the basis of your understanding of cybersecurity and provide you with a framework to understand and articulate security concepts.

In the next chapter, we will specifically cover the human side of cybersecurity. Cybersecurity is fundamentally a people problem where people are attacking people. Understanding the people behind the attacks and the tactics is a critical element to establishing a cybersecurity foundation.

Previous Section
End of Section 7
Next Section