0

Enterprise Cybersecurity Study Guide

eBook - How to Build a Successful Cyberdefense Program Against Advanced Threats

Siegel, Stanley G/Donaldson, Scott E/Williams, Chris K et al
Erschienen am 22.03.2018, 1. Auflage 2018
93,95 €
(inkl. MwSt.)

Download

E-Book Download
Bibliografische Daten
ISBN/EAN: 9781484232583
Sprache: Englisch
Umfang: 0 S., 54.51 MB
E-Book
Format: PDF
DRM: Digitales Wasserzeichen

Beschreibung

Use the methodology in this study guide to design, manage, and operate a balanced enterprise cybersecurity program that is pragmatic and realistic in the face of resource constraints and other real-world limitations. This guide is an instructional companion to the book Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. The study guide will help you understand the books ideas and put them to work. The guide can be used for self-study or in the classroom.

Enterprise cybersecurity is about implementing a cyberdefense program that will succeed in defending against real-world attacks. While we often know what should be done, the resources to do it often are not sufficient. The reality is that the Cybersecurity Conundrumwhat the defenders request, what the frameworks specify, and what the budget allows versus what the attackers exploitgets in the way of what needs to be done. Cyberattacks in the headlines affecting millions of people show that this conundrum fails more often than we would prefer.

Cybersecurity professionals want to implement more than what control frameworks specify, and more than what the budget allows. Ironically, another challenge is that even when defenders get everything that they want, clever attackers are extremely effective at finding and exploiting the gaps in those defenses, regardless of their comprehensiveness. Therefore, the cybersecurity challenge is to spend the available budget on the right protections, so that real-world attacks can be thwarted without breaking the bank.

People involved in or interested in successful enterprise cybersecurity can use this study guide to gain insight into a comprehensive framework for coordinating an entire enterprise cyberdefense program.

What Youll Learn
Know the methodology of targeted attacks and why they succeedMaster the cybersecurity risk management processUnderstand why cybersecurity capabilities are the foundation of effective cyberdefensesOrganize a cybersecurity program's policy, people, budget, technology, and assessmentAssess and score a cybersecurity programReport cybersecurity program status against compliance and regulatory frameworksUse the operational processes and supporting information systems of a successful cybersecurity programCreate a data-driven and objectively managed cybersecurity programDiscover how cybersecurity is evolving and will continue to evolve over the next decade

Who This Book Is For

Those involved in or interested in successful enterprise cybersecurity (e.g., business professionals, IT professionals, cybersecurity professionals, and students). This guide can be used in a self-study mode. The book can be used by students to facilitate note-taking in the classroom and by Instructors to develop classroom presentations based on the contents of the original book,Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats.

Autorenportrait

Scott Donaldson has professional experience in the defense, federal government, commercial, and university marketplaces. His expertise includes multi-hundred-million-dollar program management, systems development, information technology, business operations, business development, and technology cultural change. He has served in a wide variety of leadership roles, including Chief Technology Officer (CTO), IT Director, Chief Systems Engineer (CSE), Program Manager, Line Manager, and Business Development Capture Manager. Scott has co-authored three software engineering books:Successful Software Development: Making It Happen, 2nd Edition;Successful Software Development: Study Guide; andCultivating Successful Software Development: A Practitioners View. Scott also co-authoredCTOs at Work (Apress) andEnterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress).

Dr. Stanley Siegel has progressive professional experience as a systems engineer, mathematician, and computer specialist. He started his career with the US Government in the Department of Commerce and then the Department of Defense. After his government service, he was with Grumman for 15 years and Science Applications International Corporation (SAIC) for over 20 years. He helped SAIC grow to an $11 billion leader in scientific, engineering, and technical solutions with hundreds of millions of dollars in new business. Dr. Siegel has co-authored four software engineering books, including the seminal software engineering textbook Software Configuration Management: An Investment in Product Integrity. He has contributed to a number of books, including the Encyclopedia of Software Engineering, Software Project Management Success Factors (Reducing the Likelihood of Software Failures); and the Handbook of Software Quality Assurance, Software Configuration ManagementA Practical Look, 3rd Edition.

Chris Williams has been involved in the cybersecurity field since 1994 in a combination of US military and commercial positions. He has been with Leidos (formerly SAIC) since 2003 focusing on enterprise cybersecurity and compliance, and before that EDS (now HP) and Booz Allen Hamilton. He is a veteran of the US Army, having served five years with the 82nd Airborne Division and 35th Signal Brigade. He has worked on cybersecurity projects with the US Army, Defense Information Systems Agency, Department of State, Defense Intelligence Agency, and numerous other commercial and government organizations designing integrated solutions to protect against modern threats. Chris co-authoredEnterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress).

Abdul Aslam has over 20 years of experience in devising risk acceptance and compliance frameworks, application security, security operations, and information protection. He is Director of Cyber Security Compliance and Risk Management for Leidos where he is in charge of delivering secure, scalable, security solutions, policy governance, and strategic technology support. He has worked on numerous IT projects with a proven record of pioneering innovative systems analysis processes and secure application designs that improve availability, integrity, confidentiality, reliability, effectiveness, and efficiency of technology services. Abdul co-authoredEnterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats (Apress) and has presented on cybersecurity at International Information Systems Security Certification Consortium (ISC)2 and the Information Systems Security Association (ISSA).

Inhalt

Part I: The Cybersecurity Challenge.- Chapter 1: Defining the Cybersecurity Challenge.- Chapter 2: Meeting the Cybersecurity Challenge.- Part II: A New Enterprise Cybersecurity Architecture.- Chapter 3: Enterprise Cybersecurity Architecture.- Chapter 4: Implementing Enterprise Cybersecurity.- Chapter 5: Operating Enterprise Cybersecurity.- Chapter 6: Enterprise Cybersecurity and the Cloud.- Chapter 7: Enterprise Cybersecurity for Mobile and BYOD.- Part III: The Art of Cyber Defense.- Chapter 8: Building an Effective Defense.- Chapter 9: Responding to Incidents.- Chapter 10: Managing a Cybersecurity Crisis.- Part IV: Enterprise Cyber Defense Assessment.- Chapter 11: Assessing Enterprise Cybersecurity.- Chapter 12: Measuring a Cybersecurity Program.- Chapter 13: Mapping Against Cybersecurity Frameworks.- Part V: Enterprise Cybersecurity Program.- Chapter 14: Managing an Enterprise Cybersecurity Program.- Chapter 15: Looking to the Future.- Part VI: Appendices.- Appendix A: Sample Cybersecurity Policy.- Appendix B: Cybersecurity Operational Processes.- Appendix C: Object Measurement.- Appendix D: Cybersecurity Sample Assessment.- Appendix E: Cybersecurity Capability Value Scales.

Informationen zu E-Books

„E-Book“ steht für digitales Buch. Um diese Art von Büchern lesen zu können wird entweder eine spezielle Software für Computer, Tablets und Smartphones oder ein E-Book Reader benötigt. Da viele verschiedene Formate (Dateien) für E-Books existieren, gilt es dabei, einiges zu beachten.
Von uns werden digitale Bücher in drei Formaten ausgeliefert. Die Formate sind EPUB mit DRM (Digital Rights Management), EPUB ohne DRM und PDF. Bei den Formaten PDF und EPUB ohne DRM müssen Sie lediglich prüfen, ob Ihr E-Book Reader kompatibel ist. Wenn ein Format mit DRM genutzt wird, besteht zusätzlich die Notwendigkeit, dass Sie einen kostenlosen Adobe® Digital Editions Account besitzen. Wenn Sie ein E-Book, das Adobe® Digital Editions benötigt herunterladen, erhalten Sie eine ASCM-Datei, die zu Digital Editions hinzugefügt und mit Ihrem Account verknüpft werden muss. Einige E-Book Reader (zum Beispiel PocketBook Touch) unterstützen auch das direkte Eingeben der Login-Daten des Adobe Accounts – somit können diese ASCM-Dateien direkt auf das betreffende Gerät kopiert werden.
Da E-Books nur für eine begrenzte Zeit – in der Regel 6 Monate – herunterladbar sind, sollten Sie stets eine Sicherheitskopie auf einem Dauerspeicher (Festplatte, USB-Stick oder CD) vorsehen. Auch ist die Menge der Downloads auf maximal 5 begrenzt.