What this book covers

Chapter 1, Introduction, discusses the most common ways that enterprise IT environments get initially compromised and how to mitigate them. This will prepare you to evaluate cybersecurity strategies that are designed to mitigate intrusion attempts (covered in later chapters).

Chapter 2, What to Know about Threat Intelligence, explains what threat intelligence is, how to determine good intelligence from bad, and how enterprise cybersecurity teams use it.

Chapter 3, Using Vulnerability Trends to Reduce Risk and Costs, covers what security vulnerabilities are, how they are scored, and the long-term industry disclosure trends across major vendors, operating systems, and browsers. This chapter also provides tips and tricks for running an enterprise vulnerability management program and how threat intelligence (covered in Chapter 2, What to Know about Threat Intelligence) can be integrated.

Chapter 4, The Evolution of Malware, provides a unique data-driven perspective of how malware has evolved around the world over the past 10+ years. This will help you understand the types of malware threats you face, and which malware threats are most and least prevalent.

This chapter also provides a deep dive into the evolution of ransomware – the most feared threat for security teams.

Chapter 5, Internet-Based Threats, examines some of the ways that attackers have been using the Internet and how these methods have evolved over time. Several types of threats are examined including phishing attacks, drive-by download attacks, malware hosting sites, and Distributed Denial of Service (DDoS) attacks.

Chapter 6, The Roles Governments Play in Cybersecurity, explains that many CISOs rely on governments to help them achieve their objectives by setting and regulating industry security standards, while others look to governments as a source of threat intelligence and guidance, while yet other CISOs view governments as threats to their organizations. What role do governments really play in cybersecurity? This chapter explores this question and help you decide whether to treat governments as threats.

Chapter 7, Government Access to Data, many CISOs and security teams view governments as threats to their organizations’ data. This is especially true of organizations based outside of the United States. Why is this and what do they know that you don’t? This chapter will examine the threat of government access to data and how to mitigate it.

Chapter 8, Ingredients for a Successful Cybersecurity Strategy, discusses developing a cybersecurity strategy, which is necessary, but not a guarantee of success by itself. There are several other ingredients that are necessary for a successful cybersecurity program. This chapter describes each of these ingredients in detail. This will give you the best chance of success for their own cybersecurity strategy.

Chapter 9, Cybersecurity Strategies, critically evaluates the major cybersecurity strategies that have been employed in the industry over the past 20 years, including Zero Trust. This chapter shows you how to evaluate the effectiveness of cybersecurity strategies.

Chapter 10, Strategy Implementation, provides an example of how to implement one of the best cybersecurity strategies. This chapter illustrates how an attack-centric strategy that leverages the intrusion kill chain and MITRE ATT&CK® can be implemented.

Chapter 11, Measuring Performance and Effectiveness, examines one of the challenges that CISOs and security teams have always had: how to measure the effectiveness of their cybersecurity programs. It’s hard to prove that something bad didn’t happen because of the work of the cybersecurity team - this chapter provides guidance on how to measure the performance and effectiveness of cybersecurity strategies.

Chapter 12, Modern Approaches to Security and Compliance, provides insights into how the cloud is the great cybersecurity talent amplifier. This chapter describes how Application Programming Interfaces (APIs) and automation can be leveraged to support a highly effective cybersecurity strategy.