Build, evaluate, and measure effective cybersecurity strategies using real-world threat intelligence and lessons from decades of enterprise defense experience.
Key Features:
- Apply data-driven strategies to protect, detect, and respond to modern cyber threats
- Evaluate Zero Trust, attack-centric, and resilience strategies for enterprise defense
- Address ransomware, API abuse, cloud risks, and AI system security
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description:
Designing a cybersecurity strategy that actually works is difficult when threats evolve faster than budgets, teams, and tools. This book helps security leaders cut through noise by focusing on how organizations are compromised, which strategies succeed, and how to measure outcomes.
Written by Tim Rains, a former Global Chief Security Advisor at Microsoft and senior security leader at AWS and Fortune-scale enterprises, this edition expands on the previous editions with major updates and new chapters. You will learn how threat intelligence, attack-centric security, intrusion kill chains, and MITRE ATT&CK can help defenders design stronger strategies.
New and expanded content covers ransomware, API security, "living off the land" attacks, resilience as a cybersecurity strategy, and the security of AI systems alongside practical guidance on using AI to improve security outcomes. This book takes a practical, evidence-based approach to cybersecurity strategy, helping you assess trade-offs, avoid costly missteps, and communicate clearly with executives and boards.
By the end of this book, you'll be able to evaluate cybersecurity strategies more effectively, improve enterprise defenses, and communicate security priorities clearly to executives and boards.
What You Will Learn:
- Identify common enterprise intrusion paths and reduce initial compromise
- Distinguish credible threat intelligence from industry noise
- Improve vulnerability management while reducing risk and cost
- Assess malware, ransomware, and internet-based attack techniques
- Secure APIs and reduce exposure from trusted enterprise tools
- Evaluate Zero Trust and attack-centric security strategies
- Apply cloud, resilience, and AI capabilities to improve security outcomes
- How governments request data and how enterprises manage access, risk, and oversight
Who this book is for:
This book is for CISOs, CSOs, security leaders, architects, and cybersecurity professionals responsible for strategy, risk reduction, and compliance in enterprise environments. Readers should have a basic understanding of IT, networking, and core cybersecurity concepts.
Table of Contents
- How Enterprises Get Hacked
- What to Know About Threat Intelligence
- Vulnerability Disclosure Trends
- The Evolution of Malware
- Internet-Based Threats
- Application Programming Interface (API) security
- Friend or Foe? The roles governments play in cybersecurity
- Government access to data
- Ingredients for a Successful Strategy
- Cybersecurity Strategies
- Strategy Implementation
- Measuring Performance and Effectiveness
- Modern Approaches to Security and Compliance
- Mitigating "Living Off the Land" tactics
- Artificial Intelligence: Security of AI systems and using AI for better cybersecurity
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。
