Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
MTZ-Fachkongress

Antriebe und Energiesysteme von morgen


Austausch von Automobil- und Energiewirtschaft

Am 14./15. Mai geht es in Chemnitz um die Mobilitätswende durch Elektro- und Wasserstofffahrzeuge.
Erweiterte Suche
Anmelden
nach oben

2018 | Buch

Defining the Cybersecurity Challenge Kapitel lesen Erstes Kapitel lesen

Enterprise Cybersecurity Study Guide

How to Build a Successful Cyberdefense Program Against Advanced Threats

verfasst von: Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Verlag: Apress

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

Use the methodology in this study guide to design, manage, and operate a balanced enterprise cybersecurity program that is pragmatic and realistic in the face of resource constraints and other real-world limitations. This guide is an instructional companion to the book Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats. The study guide will help you understand the book’s ideas and put them to work. The guide can be used for self-study or in the classroom.

Enterprise cybersecurity is about implementing a cyberdefense program that will succeed in defending against real-world attacks. While we often know what should be done, the resources to do it often are not sufficient. The reality is that the Cybersecurity Conundrum—what the defenders request, what the frameworks specify, and what the budget allows versus what the attackers exploit—gets in the way of what needs to be done. Cyberattacks in the headlines affecting millions of people show that this conundrum fails more often than we would prefer.

Cybersecurity professionals want to implement more than what control frameworks specify, and more than what the budget allows. Ironically, another challenge is that even when defenders get everything that they want, clever attackers are extremely effective at finding and exploiting the gaps in those defenses, regardless of their comprehensiveness. Therefore, the cybersecurity challenge is to spend the available budget on the right protections, so that real-world attacks can be thwarted without breaking the bank.

People involved in or interested in successful enterprise cybersecurity can use this study guide to gain insight into a comprehensive framework for coordinating an entire enterprise cyberdefense program.

What You’ll Learn

Know the methodology of targeted attacks and why they succeed Master the cybersecurity risk management process Understand why cybersecurity capabilities are the foundation of effective cyberdefenses Organize a cybersecurity program's policy, people, budget, technology, and assessment Assess and score a cybersecurity program Report cybersecurity program status against compliance and regulatory frameworks Use the operational processes and supporting information systems of a successful cybersecurity program Create a data-driven and objectively managed cybersecurity program Discover how cybersecurity is evolving and will continue to evolve over the next decade

Who This Book Is For

Those involved in or interested in successful enterprise cybersecurity (e.g., business professionals, IT professionals, cybersecurity professionals, and students). This guide can be used in a self-study mode. The book can be used by students to facilitate note-taking in the classroom and by Instructors to develop classroom presentations based on the contents of the original book, Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats.

Inhaltsverzeichnis

Frontmatter

Part I: The Cybersecurity Challenge

Frontmatter
Chapter 1. Defining the Cybersecurity Challenge
Abstract
The Enterprise Cybersecurity Framework is pragmatic, realistic, and designed for battling today’s cyberthreats as well as tomorrow’s next-generation cyberthreats.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 2. Meeting the Cybersecurity Challenge
Abstract
The graphic depicts a combination of factors required to protect an enterprise.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Part II: A New Enterprise Cybersecurity Architecture

Frontmatter
Chapter 3. Enterprise Cybersecurity Architecture
Abstract
This chapter describes an architecture consisting of enterprise functional areas used to organize and manage enterprise cybersecurity.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 4. Implementing Enterprise Cybersecurity
Abstract
The graphic delineates the necessary elements needed for an effective enterprise cybersecurity program.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 5. Operating Enterprise Cybersecurity
Abstract
This chapter examines the enterprise cybersecurity operational processes.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 6. Enterprise Cybersecurity and the Cloud
Abstract
This chapter examines how the cloud is transforming the way businesses everywhere approach building IT solutions.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 7. Enterprise Cybersecurity for Mobile and BYOD
Abstract
The graphic depicts various mobile devices and Bring Your Own Devices (BYODs).
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Part III: The Art of Cyberdefense

Frontmatter
Chapter 8. Building an Effective Defense
Abstract
A good cybersecurity architecture alone is not going to stop cyberattackers who are targeting an enterprise and attempting to defeat its cyberdefenses.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 9. Responding to Incidents
Abstract
Some cyberattackers penetrate cyberdefenses no matter how well the defenses are designed, implemented, and maintained.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 10. Managing a Cybersecurity Crisis
Abstract
audi Aramco in 2012: Shamoon virus infected ∼ 30,000 of its Windows-based machines.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Part IV: Enterprise Cyberdefense Assessment

Frontmatter
Chapter 11. Assessing Enterprise Cybersecurity
Abstract
This chapter discusses several things related to auditing and assessing an enterprise’s cybersecurity program.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 12. Measuring a Cybersecurity Program
Abstract
People often measure things because somebody—some edict or some policy— stipulates that things should be measured.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 13. Mapping Against Cybersecurity Frameworks
Abstract
Enterprises need to report on the status of their cybersecurity programs against external frameworks to satisfy their own auditors or other internal business purposes.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Part V: Enterprise Cybersecurity Program

Frontmatter
Chapter 14. Managing an Enterprise Cybersecurity Program
Abstract
The cybersecurity program utilizes the following management tools
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Chapter 15. Looking to the Future
Abstract
Functional areas enable easy delegation and reporting of status at an abstraction layer suitable for executive consumption.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam

Part VI: Appendices

Frontmatter
Appendix A. Sample Cybersecurity Policy
Abstract
Security policies identify the assets to be protected and the protection afforded those assets.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Appendix B. Cybersecurity Operational Processes
Abstract
To maintain an effective cybersecurity posture, the Chief Information Security Officer (CISO) should maintain a number of cybersecurity operational processes
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Appendix C. Object Measurement
Abstract
An enterprise wants to protect itself from cybersecurity attacks that are constantly morphing.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Appendix D. Cybersecurity Sample Assessment
Abstract
The purpose of this appendix is to bring together a previously introduced hierarchy of cybersecurity concepts into three worked-out numerical examples and address the following questions.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Appendix E. Cybersecurity Capability Value Scales
Abstract
This appendix provides example Object Measurement (OM) observed data value scale definitions.
Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, Abdul Aslam
Backmatter
Metadaten
Titel
Enterprise Cybersecurity Study Guide
verfasst von
Scott E. Donaldson
Stanley G. Siegel
Chris K. Williams
Abdul Aslam
Copyright-Jahr
2018
Verlag
Apress
Electronic ISBN
978-1-4842-3258-3
Print ISBN
978-1-4842-3257-6
DOI
https://doi.org/10.1007/978-1-4842-3258-3

Premium Partner

    Bildnachweise