EnterpriseCybersecurity-Howtobuilda....

Cybersecurit

需积分: 9 67 浏览量更新于2023-05-26 评论收藏 23.04MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

资源详情

资源评论

资源推荐

Donaldson

Siegel

Williams

Aslam

Shelve in

Networking/Security

User level:

Beginning–Advanced

www.apress.com

BOOKS FOR PROFESSIONALS BY PROFESSIONALS

Enterprise Cybersecurity

Enterprise Cybersecurity empowers organizations of all sizes to defend themselves

with next-generation cybersecurity programs against the escalating threat of modern

targeted cyberattacks. This book presents a comprehensive framework for managing

all aspects of an enterprise cybersecurity program. It enables an enterprise to

architect, design, implement, and operate a coherent cybersecurity program that is

seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.

Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent

attacker can eventually defeat defensive measures protecting an enterprise’s

computer systems and IT networks.

To prevail, an enterprise cybersecurity program must manage risk by detecting

attacks early enough and delaying them long enough that the defenders have

time to respond effectively. Enterprise Cybersecurity shows players at all levels

of responsibility how to unify their organization’s people, budgets, technologies,

and processes into a cost-efficient cybersecurity program capable of countering

advanced cyberattacks and containing damage in the event of a breach.

The authors of Enterprise Cybersecurity explain at both strategic and tactical

levels how to accomplish the mission of leading, designing, deploying, operating,

managing, and supporting cybersecurity capabilities in an enterprise environment.

The authors are recognized experts and thought leaders in this rapidly evolving

field, drawing on decades of collective experience in cybersecurity and IT. In

capacities ranging from executive strategist to systems architect to cybercombatant,

Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam have

fought on the front lines of cybersecurity against advanced persistent threats to

government, military, and business entities.

9781430 260820

56999

ISBN 978-1-4302-6082-0

WOW! eBook

www.wowebook.org

Contents at a Glance

Foreword ��xxv

About the Authors �� xxvii

Acknowledgments ��xxix

Introduction ��xxxi

■Part I: The Cybersecurity Challenge �� 1

■Chapter 1: Deﬁning the Cybersecurity Challenge �� 3

■Chapter 2: Meeting the Cybersecurity Challenge �� 27

■Part II: A New Enterprise Cybersecurity Architecture �� 45

■Chapter 3: Enterprise Cybersecurity Architecture �� 47

■Chapter 4: Implementing Enterprise Cybersecurity �� 71

■Chapter 5: Operating Enterprise Cybersecurity �� 87

■Chapter 6: Enterprise Cybersecurity and the Cloud �� 105

■Chapter 7: Enterprise Cybersecurity for Mobile and BYOD �� 119

■Part III: The Art of Cyberdefense �� 131

■Chapter 8: Building an Effective Defense �� 133

■Chapter 9: Responding to Incidents �� 157

■Chapter 10: Managing a Cybersecurity Crisis �� 167

WOW! eBook

www.wowebook.org

■ CONTENTS AT A GLANCE

■Part IV: Enterprise Cyberdefense Assessment �� 193

■Chapter 11: Assessing Enterprise Cybersecurity �� 195

■Chapter 12: Measuring a Cybersecurity Program �� 213

■Chapter 13: Mapping Against Cybersecurity Frameworks �� 231

■Part V: Enterprise Cybersecurity Program �� 241

■Chapter 14: Managing an Enterprise Cybersecurity Program �� 243

■Chapter 15: Looking to the Future �� 263

■Part VI: Appendices �� 279

■Appendix A: Common Cyberattacks �� 281

■Appendix B: Cybersecurity Frameworks �� 297

■Appendix C: Enterprise Cybersecurity Capabilities �� 311

■Appendix D: Sample Cybersecurity Policy �� 335

■Appendix E: Cybersecurity Operational Processes �� 353

■Appendix F: Object Measurement �� 385

■Appendix G: Cybersecurity Capability Value Scales �� 409

■Appendix H: Cybersecurity Sample Assessment �� 431

■Appendix I: Network Segmentation �� 459

■Glossary �� 467

■Bibliography �� 481

Index �� 485

WOW! eBook

www.wowebook.org

xxxi

Introduction

Interest in cybersecurity is on the rise. As our world becomes more and more interconnected and more

and more online, the damage cyberthreats can do to our cyberworld is increasing dramatically, day by day.

For those of us old enough to remember life before personal computers—not to mention the Internet—it is

staggering to consider how all of this connectivity has transformed our daily lives. Yet, as the online world

developed in less than a generation, the ability to protect the online world has had even less time to develop

and is still maturing.

Hardly a week goes by without an announcement of a cybersecurity breach or incident of some form or

another, such as the following:

• Personal information compromised

• Credit cards stolen

• Medical records lost

• Companies hacked

• Governments targeted

The attackers perpetrating these crimes—and yes, most often these are criminal activities—seem to be

acting with impunity compared to the defenders seeking to stop them. These hacks are occurring to major

brand names, including Target, Home Depot, JP Morgan Chase, Sony, Apple, and many, many others. While

many of the hacks hitting the headlines affect victims in the United States, the parties doing the hacking are

in Russia, China, Korea, the Middle East, and elsewhere around the world. This problem is truly global.

If these hacks are happening to the biggest, most well-recognized and well-funded businesses and nations,

then what chance do the relatively smaller cybertargets have at protecting themselves?

Anyone who is interested in cybersecurity or who is responsible for cybersecurity at an organization

has certainly recognized that there is a long road ahead to achieving cybersecurity success against the threats

mentioned here, however that success ends up being defined.

What Is This Book About?

This book is about achieving enterprise cybersecurity success. Does success mean computers never get

compromised, malware never gets inside the enterprise, or breaches never occur? What success means

depends on how an enterprise defines it. Cybersecurity professionals work with executive leadership

to make business decisions on how good cybersecurity needs to be to defend the enterprise against

cyberattackers. Good translates into various operational processes, cybersecurity capabilities, and

information systems to protect the enterprise as needed to satisfy the business requirements.

WOW! eBook

www.wowebook.org

剩余507页未读，继续阅读

sliencer

粉丝: 4
资源: 75

会员权益专享

Enterprise Cybersecurity - How to build a ....

评论0

会员权益专享

最新资源

Enterprise Cybersecurity - How to build a ....

评论0

Cybersecurity Essentials

Linux Essentials for Cybersecurity

The.Security.Consultants.Handbook.

cyber security she标准

vda aspice for cybersecurity

写出20个在中国的与网络安全相关的专业期刊名称

Mastering Python for Networking and Security

NHTSA_Cybersecurity Best Practices for Modern Vehicles

aspice for cybersecurity

关于机器学习在网络安全中的应用的文献

Hands-On Penetration Testing with Python 1st Edition (2019)

我国从事网络与信息安全保障与服务的企业，给出5个以上企业的名称和网址

ISO SAE 21434.DIS 2020.02.12.pdf

Beginning Ethical Hacking with Python(Apress,2016)

Linux Perf Master(Linux性能大师)-第二版

Linux Basics for Hackers (2019)

As improvement of modern control theory and application of small embedded microprocessors, the cyber-physical systems [1, 2, 3, 4] has draw many people’s attention increasingly.以学术的角度润色该段话，并标出修改的地方和理由

会员权益专享

最新资源