You're reading from Resilient Cybersecurity Reconstruct your defense strategy in an evolving cyber world

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781835462515

Length 752 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Mark Dunkerley

View More author details

Table of Contents (19) Chapters

Preface

1. Current State FREE CHAPTER

2. Setting the Foundations

3. Building Your Roadmap

4. Solidifying Your Strategy

5. Cybersecurity Architecture

6. Identity and Access Management

7. Cybersecurity Operations

8. Vulnerability Management

9. User Awareness, Training, and Testing

10. Vendor Risk Management

11. Proactive Services

12. Operational Technology and the Internet of Things

13. Governance Oversight

14. Managing Risk

15. Regulatory and Compliance

16. Some Final Thoughts

17. Other Books You May Enjoy

18. Index

Current State

There doesn’t seem to be a day that goes by that there isn’t a new notice of a cybersecurity breach or some form of cybercrime. Cybersecurity incidents have become so prevalent that they are hitting mainstream media on a regular basis because of their impact. Cyber events are not just causing a small inconvenience to organizations, they are causing substantial financial loss (millions), crippling manufacturing operations, damaging reputations, leaking enormous amounts of Personal Identifiable Information (PII), and in some instances, causing organizations to permanently close their doors.

The discussion around cybersecurity and risk has become a critical agenda item on executive leadership teams, board rooms, and within the highest level of governments. And, the unfortunate reality is, it continues to get more challenging as threat actors continue to become more sophisticated. The question from leadership and board members continues to be asked: Are we secure? The simple answer is no. No one is 100% secure in today’s digital world and we never will be. There will always be risk. As leaders, it is our responsibility to manage and reduce risk as much as possible. We will never eliminate risk entirely, and it is important that those we work for and report to understand this. As cybersecurity leaders, we must create an environment that balances cybersecurity with business enablement and builds a culture around cybersecurity. This includes the need for full transparency, effective collaboration throughout the organization, and most importantly, trust.

As we hear more news of security breaches like the multiple T-Mobile breaches over the years, the Marriott International breach, the Equifax breach, and the Yahoo breach of 3 billion records, the severity of what we are dealing with is evident and requires our utmost attention. The reality is, we all need to do better.

We not only need to hold ourselves accountable, but also those around us and especially those who are trusted to manage, process, and store our data. This is far from an easy task, especially with the emerging complexity of technologies, an attack surface that continues to widen, and the progression of organized cyber and state-sponsored crime groups with budgets and expertise far exceeding that of most organizations.

Because of this, we need to continue to evolve our cybersecurity programs and strategies to meet the demand of modern-day threats such as AI-driven and supply chain-based attacks. As cybersecurity leaders, this in turn means being innovative, creative, dynamic, and agile. We cannot become complacent with the current state because technology and the world we live in are evolving at a faster pace than we’ve ever seen. The hope is that this book can help provide the higher-level strategy and insight into a more modern cybersecurity program, whether you already have a program in place or you are looking to build one from the ground up.

As you read through this chapter, you will learn more details about the current state of cybersecurity and the challenges we face as cybersecurity leaders. Specifically, you will learn about the following: