Enterprise Cybersecurity lays out the design, implementation, and management of comprehensive cybersecurity programs that enable enterprises of all sizes and sectors to protect themselves preemptively and actively against the escalating threat of modern, targeted cyberattacks.
To frame their exposition of the components of effective cybersecurity programs, the authors develop two actionable concepts central to their systems engineering approach. First, the “kill chain” of a cyber-intrusion comprises the intrusive phases of adversarial reconnaissance, weaponization, delivery, and exploitation, to each of which the authors map defensive courses of action for detection, mitigation, and response. Second, the “trust stack” concept articulates the structure of defensive response in terms of two subsidiary stacks whose elements are sequentially arranged in increasing difficulty for an attacker to breach and compromise. One subsidiary stack is the “application stack” comprised of ten elements such as end user, application software, and database. The other is the “administration stack” comprised of nine elements such as user credentials, application administration, and database administration.
Within the conceptual framework of the kill chain and trust stack, Enterprise Cybersecurity describes the aims, strategies, tactics, and taxonomy of security threats and the panoply of corresponding cyberdefensive measures. These countermeasures include hardening of enterprise defenses, immediate detection of intrusions, containment of attacks, and repulse to prevent exploitation of breaches. End-to-end cyberdefense systems integrate preventive, detective, monitoring, and forensics controls. Toward this integrative end, the team of authors—respected experts and thought leaders in the rapidly evolving field of enterprise cybersecurity—introduce a new synthetic paradigm called Cybersecurity Capability Architecture, which they have collectively refined and separately put into practice.
Readers of this book will learn to design and implement the ten functional areas of Cybersecurity Capability Architecture:
Enterprise Cybersecurity empowers organizations of all sizes to defend themselves with next-generation cybersecurity programs against the escalating threat of modern targeted cyberattacks. This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program. It enables an enterprise to architect, design, implement, and operate a coherent cybersecurity program that is seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.
Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent attacker can eventually defeat defensive measures protecting an enterprise’s computer systems and IT networks.
To prevail, an enterprise cybersecurity program must manage risk by detecting attacks early enough and delaying them long enough that the defenders have time to respond effectively. Enterprise Cybersecurity shows players at all levels of responsibility how to unify their organization’s people, budgets, technologies, and processes into a cost-efficient cybersecurity program capable of countering advanced cyberattacks and containing damage in the event of a breach.
The authors of Enterprise Cybersecurity explain at both strategic and tactical levels how to accomplish the mission of leading, designing, deploying, operating, managing, and supporting cybersecurity capabilities in an enterprise environment. The authors are recognized experts and thought leaders in this rapidly evolving field, drawing on decades of collective experience in cybersecurity and IT. In capacities ranging from executive strategist to systems architect to cybercombatant, Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam have fought on the front lines of cybersecurity against advanced persistent threats to government, military, and business entities.
Book description: APRESS L.P. May 2015, 2015. Paperback. Condition: New. 258x179x33 mm. New item - Enterprise Cybersecurity empowers organizations of all sizes to defend themselves with next-generation cybersecurity programs against the escalating threat of modern targeted cyberattacks. This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program. It enables an enterprise to architect, design, implement, and operate a coherent cybersecurity program that is seamlessly coordinated with policy, programmatics, IT life cycle, and assessment. 490 pp. English. Item no. 9781430260820