Book Image

The Cybersecurity Playbook for Modern Enterprises

By : Jeremy Wittkop
Book Image

The Cybersecurity Playbook for Modern Enterprises

By: Jeremy Wittkop

Overview of this book

Security is everyone's responsibility and for any organization, the focus should be to educate their employees about the different types of security attacks and how to ensure that security is not compromised. This cybersecurity book starts by defining the modern security and regulatory landscape, helping you understand the challenges related to human behavior and how attacks take place. You'll then see how to build effective cybersecurity awareness and modern information security programs. Once you've learned about the challenges in securing a modern enterprise, the book will take you through solutions or alternative approaches to overcome those issues and explain the importance of technologies such as cloud access security brokers, identity and access management solutions, and endpoint security platforms. As you advance, you'll discover how automation plays an important role in solving some key challenges and controlling long-term costs while building a maturing program. Toward the end, you'll also find tips and tricks to keep yourself and your loved ones safe from an increasingly dangerous digital world. By the end of this book, you'll have gained a holistic understanding of cybersecurity and how it evolves to meet the challenges of today and tomorrow.
Table of Contents (15 chapters)
Section 1 – Modern Security Challenges
Section 2 – Building an Effective Program
Section 3 – Solutions to Common Problems

A framework for effective training

Effective information security training does not happen by accident. It requires an intentional effort to improve the cybersecurity awareness of the average employee. There are numerous topics that should be covered in an information security awareness program, but not all of them are relevant to every employee. For example, if a small percentage of employees handle personal information, those employees need to be trained on the proper handling of that information, but the same training that may be critical for those employees may be irrelevant to others. Defining what training modules are relevant based on roles will help tailor the program to roles properly. Tailoring the program is an important point. Generic training where much of the content is irrelevant to most attendees results in poor engagement and little progress. The more tailored the content is, the more likely it is that attendees will gain something valuable from the experience.