Summary
The context I provided in this chapter will be helpful for readers throughout the rest of this book. In this chapter, I introduced the cybersecurity fundamentals and the Cybersecurity Usual Suspects; I will relentlessly refer to these concepts throughout the rest of this book.
Organizations that are very proficient at managing the cybersecurity fundamentals make it much harder for attackers to be successful. A solid foundation, focused on the fundamentals, is required for a successful strategy.
Don’t confuse an attacker’s motivations with their tactics. Since accurate attribution for attacks can be difficult or impossible to accomplish, it’s unlikely most organizations will be able to determine who is attacking them and what attackers’ motivations really are. Whether the attacker is a purveyor of commodity malware or a nation state, the ways they will try to initially compromise their victims’ IT environments are limited to the Cybersecurity...
