Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Conventions used
• Get in touch
• Reviews
• Share Your Thoughts

1. Part 1: Attack on BigCo FREE CHAPTER

2. Chapter 1: The Attack on BigCo

• BigCo – the attack
• BigCo – cross-team co-ordination
• Summary

3. Part 2: Security Resilience: Getting the Basics Down

4. Chapter 2: Identity and Access Management

• Two-factor authentication and why you need it
• Password complexity and NIST 800-63-3B
• Password manager
• Quick reference
• Summary

5. Chapter 3: Security Policies

• Where are your policies, and are they being used?
• Compliance begins with laws and regulations
• Importance of Due diligence
• Summary

6. Chapter 4: Security and Risk Management

• What is risk management?
• Identifying risks
• Monitoring your controls
• Key performance indicators (KPIs)
• Quick reference
• Summary

7. Chapter 5: Securing Your Endpoints

• Antivirus/anti-malware
• Virtual private network (VPN)
• Moving to remote work
• Testing your home firewall
• Network access control (NAC) and Zero Trust
• Application firewall
• Securing your browser
• Turning on your application firewall
• Okta hack
• Summary

8. Chapter 6: Data Safeguarding

• Offline backups
• Testing your backups
• Cryptographic hashing
• Availability in the cloud
• Business continuity
• Disaster recovery
• Summary

9. Chapter 7: Security Awareness Culture

• Security awareness training is foundational
• Security is everyone’s responsibility
• Security awareness training is mandatory and tracked

10. Chapter 8: Vulnerability Management

• What are software vulnerabilities?
• Prioritizing your remediations
• Securing your code
• Summary

11. Chapter 9: Asset Inventory

• Asset inventory
• Change management
• Mobile device management (MDM)
• Knowing your network
• Summary

12. Chapter 10: Data Protection

• Encrypt your data!
• What is PII? It depends…
• Third-party risk management
• Summary

13. Part 3: Security Resilience: Taking Your Security Program to the Next Level

14. Chapter 11: Taking Your Endpoint Security to the Next Level

• Endpoint detection and response (EDR) – Focusing on the “R”
• Managed detection and response (MDR)
• Extended detection and response (XDR)
• Cloud security posture management (CSPM)/Cloud-native application protection program (CNAPP)
• Zero trust vs. software-defined perimeter
• Summary

15. Chapter 12: Secure Configuration Baseline

• Security baseline
• System and Organizational Controls (SOC) 2
• Creating your security baseline
• Summary

16. Chapter 13: Classify Your Data and Assets

• Start with your data
• Classifying your assets
• Monitoring
• Subnetting
• Segmentation
• Summary

17. Chapter 14: Cyber Resilience in the Age of Artificial Intelligence (AI)

• ChatGPT
• What is responsible AI?
• Secure AI framework (SAIF)
• AI and cybersecurity – The good, the bad, and the ugly
• AI bias
• NIST AI RMF
• Summary

18. Index

• Why subscribe?

19. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book