EnterpriseCybersecurity(Apress,2015)资源-CSDN文库

需积分: 10 68 浏览量 2015-06-28 09:44:09 上传评论收藏 21.27MB PDF 举报

资源推荐

资源详情

资源评论

Donaldson

Siegel

Williams

Aslam

Shelve in

Networking/Security

User level:

Beginning–Advanced

www.apress.com

BOOKS FOR PROFESSIONALS BY PROFESSIONALS

Enterprise Cybersecurity

Enterprise Cybersecurity empowers organizations of all sizes to defend themselves

with next-generation cybersecurity programs against the escalating threat of modern

targeted cyberattacks. This book presents a comprehensive framework for managing

all aspects of an enterprise cybersecurity program. It enables an enterprise to

architect, design, implement, and operate a coherent cybersecurity program that is

seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.

Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent

attacker can eventually defeat defensive measures protecting an enterprise’s

computer systems and IT networks.

To prevail, an enterprise cybersecurity program must manage risk by detecting

attacks early enough and delaying them long enough that the defenders have

time to respond effectively. Enterprise Cybersecurity shows players at all levels

of responsibility how to unify their organization’s people, budgets, technologies,

and processes into a cost-efficient cybersecurity program capable of countering

advanced cyberattacks and containing damage in the event of a breach.

The authors of Enterprise Cybersecurity explain at both strategic and tactical

levels how to accomplish the mission of leading, designing, deploying, operating,

managing, and supporting cybersecurity capabilities in an enterprise environment.

The authors are recognized experts and thought leaders in this rapidly evolving

field, drawing on decades of collective experience in cybersecurity and IT. In

capacities ranging from executive strategist to systems architect to cybercombatant,

Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam have

fought on the front lines of cybersecurity against advanced persistent threats to

government, military, and business entities.

9781430 260820

56999

ISBN 978-1-4302-6082-0

www.it-ebooks.info

Contents at a Glance

Foreword ��xxv

About the Authors �� xxvii

Acknowledgments ��xxix

Introduction ��xxxi

■Part I: The Cybersecurity Challenge �� 1

■Chapter 1: Deﬁning the Cybersecurity Challenge �� 3

■Chapter 2: Meeting the Cybersecurity Challenge �� 27

■Part II: A New Enterprise Cybersecurity Architecture �� 45

■Chapter 3: Enterprise Cybersecurity Architecture �� 47

■Chapter 4: Implementing Enterprise Cybersecurity �� 71

■Chapter 5: Operating Enterprise Cybersecurity �� 87

■Chapter 6: Enterprise Cybersecurity and the Cloud �� 105

■Chapter 7: Enterprise Cybersecurity for Mobile and BYOD �� 119

■Part III: The Art of Cyberdefense �� 131

■Chapter 8: Building an Effective Defense �� 133

■Chapter 9: Responding to Incidents �� 157

■Chapter 10: Managing a Cybersecurity Crisis �� 167

www.it-ebooks.info

■ CONTENTS AT A GLANCE

■Part IV: Enterprise Cyberdefense Assessment �� 193

■Chapter 11: Assessing Enterprise Cybersecurity �� 195

■Chapter 12: Measuring a Cybersecurity Program �� 213

■Chapter 13: Mapping Against Cybersecurity Frameworks �� 231

■Part V: Enterprise Cybersecurity Program �� 241

■Chapter 14: Managing an Enterprise Cybersecurity Program �� 243

■Chapter 15: Looking to the Future �� 263

■Part VI: Appendices �� 279

■Appendix A: Common Cyberattacks �� 281

■Appendix B: Cybersecurity Frameworks �� 297

■Appendix C: Enterprise Cybersecurity Capabilities �� 311

■Appendix D: Sample Cybersecurity Policy �� 335

■Appendix E: Cybersecurity Operational Processes �� 353

■Appendix F: Object Measurement �� 385

■Appendix G: Cybersecurity Capability Value Scales �� 409

■Appendix H: Cybersecurity Sample Assessment �� 431

■Appendix I: Network Segmentation �� 459

■Glossary �� 467

■Bibliography �� 481

Index �� 485

www.it-ebooks.info

xxxi

Introduction

Interest in cybersecurity is on the rise. As our world becomes more and more interconnected and more

and more online, the damage cyberthreats can do to our cyberworld is increasing dramatically, day by day.

For those of us old enough to remember life before personal computers—not to mention the Internet—it is

staggering to consider how all of this connectivity has transformed our daily lives. Yet, as the online world

developed in less than a generation, the ability to protect the online world has had even less time to develop

and is still maturing.

Hardly a week goes by without an announcement of a cybersecurity breach or incident of some form or

another, such as the following:

• Personal information compromised

• Credit cards stolen

• Medical records lost

• Companies hacked

• Governments targeted

The attackers perpetrating these crimes—and yes, most often these are criminal activities—seem to be

acting with impunity compared to the defenders seeking to stop them. These hacks are occurring to major

brand names, including Target, Home Depot, JP Morgan Chase, Sony, Apple, and many, many others. While

many of the hacks hitting the headlines affect victims in the United States, the parties doing the hacking are

in Russia, China, Korea, the Middle East, and elsewhere around the world. This problem is truly global.

If these hacks are happening to the biggest, most well-recognized and well-funded businesses and nations,

then what chance do the relatively smaller cybertargets have at protecting themselves?

Anyone who is interested in cybersecurity or who is responsible for cybersecurity at an organization

has certainly recognized that there is a long road ahead to achieving cybersecurity success against the threats

mentioned here, however that success ends up being defined.

What Is This Book About?

This book is about achieving enterprise cybersecurity success. Does success mean computers never get

compromised, malware never gets inside the enterprise, or breaches never occur? What success means

depends on how an enterprise defines it. Cybersecurity professionals work with executive leadership

to make business decisions on how good cybersecurity needs to be to defend the enterprise against

cyberattackers. Good translates into various operational processes, cybersecurity capabilities, and

information systems to protect the enterprise as needed to satisfy the business requirements.

www.it-ebooks.info

剩余507页未读，继续阅读

评论收藏

内容反馈

vanridin

粉丝: 108
资源: 1192

Enterprise Cybersecurity(Apress,2015)

最新资源

Enterprise Cybersecurity(Apress,2015)

Enterprise Cybersecurity Study Guide.pdf

Pivotal Certified Spring Enterprise Integration Specialist Exam(Apress,2015)

Practical Enterprise Software Development Techniques(Apress,2015)

Enterprise.Cybersecurity.1430260823

Enterprise Cybersecurity Study Guide How to Build a Successful Cyberdefense epub

Enterprise Cybersecurity - How to build a ....

Essential.Cybersecurity.Science.2015.12.pdf

UN Regulation No.155 - Cyber security and cyber security managem

「漏洞预警」Optimizing Enterprise Cybersecurity through Serious Gam

Cybersecurity Incident Response

ASPICE_for_Cybersecurity_Yellow_Volume_1st_edition_2021.pdf

Enterprise Cybersecurity Study Guide How to Build a Successful 无水印原版pdf

AutomotiveSPICE_for_Cybersecurity

Developing Cybersecurity Programs and Policies, 3rd Edition

Cyber Security 无水印原版pdf

网络安全(cybersecurity)国际标准进展与解读.pdf

Developing Cybersecurity Programs and Policies

Linux Essentials for Cybersecurity

VDA汽车网络安全管理体系指南 Automotive Cybersecurity Management System Aduit

Upstream Security Global Automotive Cybersecurity Report 2022

ISO_SAE21434.D1：2020 Road Vehicles - Cybersecurity Engineering -

最新版ISO/IEC 27001:2022、ISO 27002:2022中英文合集

Goby红队版-win-x64-2.4.7版本

Chrome Header Editor 插件

ISO SAE 21434-2021 中文版.pdf

安全认证cisp教材全套

OpenVAS GVM 中文翻译补丁

现代永磁同步电机控制原理及MATLAB仿真__袁雷编著1

最新资源