Book Image

Cybersecurity Threats, Malware Trends, and Strategies - Second Edition

By : Tim Rains
3 (2)
Book Image

Cybersecurity Threats, Malware Trends, and Strategies - Second Edition

3 (2)
By: Tim Rains

Overview of this book

Tim Rains is Microsoft's former Global Chief Security Advisor and Amazon Web Services’ former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations all over the world on cybersecurity strategies. Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs, and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you’ll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You’ll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud. By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization's cybersecurity strategy.

Related Content you might be interested in

Current Title:

Small book image
Cybersecurity Threats, Malware Trends, and Strategies - Second Edition
Tim Rains
Jan, 2023 | 584 pages
Small book image
Aligning Security Operations with the MITRE ATT&CK Framework
Rebecca Blair
May, 2023 | 192 pages
Small book image
The Cybersecurity Playbook for Modern Enterprises
Jeremy Wittkop
Mar, 2022 | 280 pages
Small book image
Cybersecurity and Privacy Law Handbook.
Walter Rocchi
Dec, 2022 | 230 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Share your thoughts
1
Introduction
Introduction
Different types of CISOs: “The CISO Spectrum”
How organizations get initially compromised and the cybersecurity fundamentals
Focus on the cybersecurity fundamentals
Understanding the difference between attackers’ motivations and tactics
Summary
References
Free Chapter
2
What to Know about Threat Intelligence
What to Know about Threat Intelligence
What is threat intelligence?
Where does CTI data come from?
Using threat intelligence
Threat intelligence sharing
How to identify credible cyber threat intelligence
Summary
References
3
Using Vulnerability Trends to Reduce Risk and Costs
Using Vulnerability Trends to Reduce Risk and Costs
Introduction
Vulnerability Management Primer
Vulnerability Disclosure Data Sources
Industry Vulnerability Disclosure Trends
Vulnerability Management Guidance
Summary
References
4
The Evolution of Malware
The Evolution of Malware
Introduction
Why is there so much malware on Windows compared to other platforms?
Data sources
About malware
Global Windows malware infection analysis
Regional Windows malware infection analysis
Global malware evolution
The evolution of ransomware
The great debate – are anti-malware solutions really worthwhile?
Summary
References
5
Internet-Based Threats
Internet-Based Threats
Introduction
A typical attack
Phishing attacks
Drive-by download attacks
Malware-hosting sites
Post compromise – botnets and DDoS attacks
Summary
References
6
The Roles Governments Play in Cybersecurity
The Roles Governments Play in Cybersecurity
The pursuit of happiness
Governments as cybersecurity market participants
Governments as standards bodies
Governments as enforcers
Governments as defenders
Summary
References
7
Government Access to Data
Government Access to Data
Understanding government access to data
Lawful government access to data
Mitigating government access to data
Conclusion
Summary
References
8
Ingredients for a Successful Cybersecurity Strategy
Ingredients for a Successful Cybersecurity Strategy
What is a cybersecurity strategy?
Other ingredients for a successful strategy
Summary
References
9
Cybersecurity Strategies
Cybersecurity Strategies
Introduction
Measuring the efficacy of cybersecurity strategies
Cybersecurity strategies
Protect and Recover Strategy
Endpoint Protection Strategy
Physical control and security clearances as a security strategy
Compliance as a Security Strategy
Application-Centric Strategy
Identity-Centric Strategy
Data-Centric Strategy
Attack-Centric Strategy
Zero Trust
Cybersecurity strategies summary
DevOps and DevSecOps
Summary
References
10
Strategy Implementation
Strategy Implementation
Introduction
What is an Intrusion Kill Chain?
Modernizing the Kill Chain
Getting started
Implementing this strategy
Designing control sets
Conclusion
Summary
References
11
Measuring Performance and Effectiveness
Measuring Performance and Effectiveness
Introduction
Using vulnerability management data
Measuring the performance and efficacy of an Attack-Centric Strategy
Summary
References
12
Modern Approaches to Security and Compliance
Modern Approaches to Security and Compliance
Introduction
How is cloud computing different?
Security and compliance game changers
Using cybersecurity strategies in the cloud
Encryption and key management
Conclusion
Summary
References
13
Other Books You May Enjoy
Other Books You May Enjoy
14
Index
Index

What to Know about Threat Intelligence

I admit it, I’m a threat intelligence data geek. I really enjoy studying threat intelligence. It helps me understand the tactics and techniques that are in vogue with attackers and how the threat landscape is evolving. One of the best jobs I had at Microsoft was working as a Director of Trustworthy Computing. In this role I was the executive editor and a contributor to the Microsoft Security Intelligence Report, which we called “the SIR.” During the 8 or 9 years I helped produce the SIR, we published more than 20 volumes and special editions of this report, spanning thousands of pages. I gave literally thousands of threat intelligence briefings for customers around the world, as well as press and analyst interviews. I can tell you from experience, interviews on live television in front of millions of people, discussing threat intelligence, are nerve-wracking! (BBC News, 2013).

Building and publishing the SIR was a lot of work, but very rewarding. In this role, I had the opportunity to work with so many smart people in the Microsoft Security Response Center (MSRC), the Microsoft Malware Protection Center (MMPC), the Microsoft Digital Crimes Unit (DCU), the Security Development Lifecycle (SDL) team, Microsoft IT, and many others. Doing this work gave me a deep appreciation for the value of good threat intelligence and some of the ways it is produced. Microsoft has continued to invest in threat intelligence and they now have a center dedicated to it called the Microsoft Threat Intelligence Center (MSTIC), in which a few of my former colleagues work.

I provide a deep dive into data from the SIR in Chapter 4, The Evolution of Malware. I also provide a deep dive into security vulnerabilities in Chapter 3, Using Vulnerability Trends to Reduce Risk and Costs.

But before I get to this data, let me provide some useful context to help you consume the data in those chapters and other threat intelligence you encounter in your career.

Previous Section
End of Section 1
Next Section