How to Measure Anything in Cybersecurity Risk

Author: Douglas W. Hubbard, Richard Seiersen
Publisher: John Wiley & Sons
Total Pages: 304
Release: 2016-07-25
ISBN: 1119085292
Category: Business & Economics
Language: EN, FR, DE, ES & NL

How to Measure Anything in Cybersecurity Risk Book Excerpt:

A ground shaking exposé on the failure of popular cyber risk management methods

How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely.

• Discover the shortcomings of cybersecurity's "best practices"
• Learn which risk management approaches actually create risk
• Improve your current practices with practical alterations
• Learn which methods are beyond saving, and worse than doing nothing

Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

How to Measure Anything in Cybersecurity Risk

Author: Douglas W. Hubbard, Richard Seiersen
Publisher: John Wiley & Sons
Total Pages: 304
Release: 2016-07-05
ISBN: 1119224608
Category: Business & Economics
Language: EN, FR, DE, ES & NL


How to Measure Anything

Author: Douglas W. Hubbard
Publisher: John Wiley & Sons
Total Pages: 432
Release: 2014-03-17
ISBN: 1118539273
Category: Business & Economics
Language: EN, FR, DE, ES & NL

How to Measure Anything Book Excerpt:

Now updated with new measurement methods and new examples, How to Measure Anything shows managers how to inform themselves in order to make less risky, more profitable business decisions.

This insightful and eloquent book will show you how to measure those things in your own business, government agency or other organization that, until now, you may have considered "immeasurable," including customer satisfaction, organizational flexibility, technology risk, and technology ROI.

• Adds new measurement methods, showing how they can be applied to a variety of areas such as risk management and customer satisfaction
• Simplifies overall content while still making the more technical applications available to those readers who want to dig deeper
• Continues to boldly assert that any perception of "immeasurability" is based on certain popular misconceptions about measurement and measurement methods
• Shows the common reasoning for calling something immeasurable, and sets out to correct those ideas
• Offers practical methods for measuring a variety of "intangibles"
• Provides an online database (www.howtomeasureanything.com) of downloadable, practical examples worked out in detailed spreadsheets

Written by recognized expert Douglas Hubbard—creator of Applied Information Economics—How to Measure Anything, Third Edition illustrates how the author has used his approach across various industries and how any problem, no matter how difficult, ill defined, or uncertain can lend itself to measurement using proven methods.

Assessing and Insuring Cybersecurity Risk

Author: Ravi Das
Publisher: CRC Press
Total Pages: 166
Release: 2021-10-07
ISBN: 1000459977
Category: Business & Economics
Language: EN, FR, DE, ES & NL

Assessing and Insuring Cybersecurity Risk Book Excerpt:

Remote workforces using VPNs, cloud-based infrastructure and critical systems, and a proliferation in phishing attacks and fraudulent websites are all raising the level of risk for every company. It all comes down to just one thing that is at stake: how to gauge a company’s level of cyber risk and the tolerance level for this risk. Loosely put, this translates to how much uncertainty an organization can tolerate before it starts to negatively affect mission critical flows and business processes. Trying to gauge this can be a huge and nebulous task for any IT security team to accomplish. Making this task so difficult are the many frameworks and models that can be utilized. It is very confusing to know which one to utilize in order to achieve a high level of security. Complicating this situation further is that both quantitative and qualitative variables must be considered and deployed into a cyber risk model.

Assessing and Insuring Cybersecurity Risk provides an insight into how to gauge an organization’s particular level of cyber risk, and what would be deemed appropriate for the organization’s risk tolerance. In addition to computing the level of cyber risk, an IT security team has to determine the appropriate controls that are needed to mitigate cyber risk. Also to be considered are the standards and best practices that the IT security team has to implement for complying with such regulations and mandates as CCPA, GDPR, and HIPAA.

To help a security team to comprehensively assess an organization’s cyber risk level and how to insure against it, the book covers:

• The mechanics of cyber risk
• Risk controls that need to be put into place
• The issues and benefits of cybersecurity risk insurance policies
• GDPR, CCPA, and the CMMC

Gauging how much cyber risk and uncertainty an organization can tolerate is a complex and complicated task, and this book helps to make it more understandable and manageable.

The Failure of Risk Management

Author: Douglas W. Hubbard
Publisher: John Wiley & Sons
Total Pages: 384
Release: 2020-02-26
ISBN: 1119522048
Category: Business & Economics
Language: EN, FR, DE, ES & NL

The Failure of Risk Management Book Excerpt:

A practical guide to adopting an accurate risk analysis methodology

The Failure of Risk Management provides effective solutions to significant faults in current risk analysis methods. Conventional approaches to managing risk lack accurate quantitative analysis methods, yielding strategies that can actually make things worse. Many widely used methods have no systems to measure performance, resulting in inaccurate selection and ineffective application of risk management strategies. These fundamental flaws propagate unrealistic perceptions of risk in business, government, and the general public. This book provides expert examination of essential areas of risk management, including risk assessment and evaluation methods, risk mitigation strategies, common errors in quantitative models, and more. Guidance on topics such as probability modelling and empirical inputs emphasizes the efficacy of appropriate risk methodology in practical applications. Recognized as a leader in the field of risk management, author Douglas W. Hubbard combines science-based analysis with real-world examples to present a detailed investigation of risk management practices. This revised and updated second edition includes updated data sets and checklists, expanded coverage of innovative statistical methods, and new cases of current risk management issues such as data breaches and natural disasters.

• Identify deficiencies in your current risk management strategy and take appropriate corrective measures
• Adopt a calibrated approach to risk analysis using up-to-date statistical tools
• Employ accurate quantitative risk analysis and modelling methods
• Keep pace with new developments in the rapidly expanding risk analysis industry

Risk analysis is a vital component of government policy, public safety, banking and finance, and many other public and private institutions. The Failure of Risk Management: Why It's Broken and How to Fix It is a valuable resource for business leaders, policy makers, managers, consultants, and practitioners across industries.

Navigating the Cybersecurity Career Path

Author: Helen E. Patton
Publisher: John Wiley & Sons
Total Pages: 336
Release: 2021-10-29
ISBN: 1119833434
Category: Computers
Language: EN, FR, DE, ES & NL

Navigating the Cybersecurity Career Path Book Excerpt:

Land the perfect cybersecurity role—and move up the ladder—with this insightful resource

Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult. In Navigating the Cybersecurity Career Path, decorated Chief Information Security Officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams.

In this book, readers will find:

• Explanations of why and how the cybersecurity industry is unique and how to use this knowledge to succeed
• Discussions of how to progress from an entry-level position in the industry to a position leading security teams and programs
• Advice for every stage of the cybersecurity career arc
• Instructions on how to move from single contributor to team leader, and how to build a security program from scratch
• Guidance on how to apply the insights included in this book to the reader's own situation and where to look for personalized help
• A unique perspective based on the personal experiences of a cybersecurity leader with an extensive security background

Perfect for aspiring and practicing cybersecurity professionals at any level of their career, Navigating the Cybersecurity Career Path is an essential, one-stop resource that includes everything readers need to know about thriving in the cybersecurity industry.

Cybersecurity Data Science

Author: Scott Mongeau, Andrzej Hajdasinski
Publisher: Springer Nature
Total Pages: 388
Release: 2021-10-01
ISBN: 3030748960
Category: Computers
Language: EN, FR, DE, ES & NL

Cybersecurity Data Science Book Excerpt:

This book encompasses a systematic exploration of Cybersecurity Data Science (CSDS) as an emerging profession, focusing on current versus idealized practice. This book also analyzes challenges facing the emerging CSDS profession, diagnoses key gaps, and prescribes treatments to facilitate advancement. Grounded in the management of information systems (MIS) discipline, insights derive from literature analysis and interviews with 50 global CSDS practitioners. CSDS as a diagnostic process grounded in the scientific method is emphasized throughout. Cybersecurity Data Science (CSDS) is a rapidly evolving discipline which applies data science methods to cybersecurity challenges. CSDS reflects the rising interest in applying data-focused statistical, analytical, and machine learning-driven methods to address growing security gaps. This book offers a systematic assessment of the developing domain. Advocacy is provided to strengthen professional rigor and best practices in the emerging CSDS profession. This book will be of interest to a range of professionals associated with cybersecurity and data science, spanning practitioner, commercial, public sector, and academic domains. Best practices framed will be of interest to CSDS practitioners, security professionals, risk management stewards, and institutional stakeholders. Organizational and industry perspectives will be of interest to cybersecurity analysts, managers, planners, strategists, and regulators. Research professionals and academics are presented with a systematic analysis of the CSDS field, including an overview of the state of the art, a structured evaluation of key challenges, recommended best practices, and an extensive bibliography.

ICCWS 2019 14th International Conference on Cyber Warfare and Security

Author: Noëlle van der Waag-Cowling, Louise Leenen
Publisher: Academic Conferences and publishing limited
Total Pages: 135
Release: 2019-02-28
ISBN: 1912764121
Category: Language Arts & Disciplines
Language: EN, FR, DE, ES & NL

ICCWS 2019 14th International Conference on Cyber Warfare and Security Book Excerpt:

Measurement across the Sciences

Author: Luca Mari, Mark Wilson, Andrew Maul
Publisher: Springer Nature
Total Pages: 287
Release: 2021-05-01
ISBN: 303065558X
Category: Science
Language: EN, FR, DE, ES & NL

Measurement across the Sciences Book Excerpt:

This book proposes a conceptual framework for understanding measurement across a broad range of scientific fields and areas of application, such as physics, engineering, education, and psychology. The authors, who themselves span these disciplines, argue that the justification of the public trust attributed to measurement results can in principle apply identically to both physical and psychosocial properties. They further argue that the lack of a common conceptualization of measurement hampers interdisciplinary communication and limits the ability to share knowledge. They advance their views by first surveying the conceptual history of the philosophy of measurement and arguing that classical, operationalist and representational perspectives on measurement each make important contributions but also each have important shortcomings. A synthesis is then offered as the foundation for a new conceptual framework. The authors describe how the framework, which operates as a shared concept system, supports understanding measurement’s work in different domains, using examples in the physical and human sciences. They consider connections and consequences with respect to causality, objectivity, and intersubjectivity, among other topics, and how measurement science concepts and issues are construed across these disciplines and settings. They also address contemporary issues and controversies within measurement in the light of the framework, including operationalism, definitional uncertainty, and the relations between measurement and computation. The book concludes with a justification for the basic claim that measurement is an empirical and informational process that produces explicitly justifiable information. 
Researchers and academics across a wide range of disciplines including biological, physical, social and behavioral scientists, as well as specialists in measurement and philosophy will appreciate the work’s fresh and provocative approach to the field at a time when sound measurements of complex scientific systems are increasingly essential to solving critical global problems.

Cybersecurity for Business

Author: Larry Clinton
Publisher: Kogan Page Publishers
Total Pages: 135
Release: 2022-04-03
ISBN: 1398606391
Category: Business & Economics
Language: EN, FR, DE, ES & NL

Cybersecurity for Business Book Excerpt:

Balance the benefits of digital transformation with the associated risks with this guide to effectively managing cybersecurity as a strategic business issue. Important and cost-effective innovations can substantially increase cyber risk and the loss of intellectual property, corporate reputation and consumer confidence. Over the past several years, organizations around the world have increasingly come to appreciate the need to address cybersecurity issues from a business perspective, not just from a technical or risk angle. Cybersecurity for Business builds on a set of principles developed with international leaders from technology, government and the boardroom to lay out a clear roadmap of how to meet goals without creating undue cyber risk. This essential guide outlines the true nature of modern cyber risk, and how it can be assessed and managed using modern analytical tools to put cybersecurity in business terms. It then describes the roles and responsibilities each part of the organization has in implementing an effective enterprise-wide cyber risk management program, covering critical issues such as incident response, supply chain management and creating a culture of security. Bringing together a range of experts and senior leaders, this edited collection enables leaders and students to understand how to manage digital transformation and cybersecurity from a business perspective.

The Security Risk Assessment Handbook

Author: Douglas Landoll
Publisher: CRC Press
Total Pages: 512
Release: 2021-09-27
ISBN: 1000413209
Category: Business & Economics
Language: EN, FR, DE, ES & NL

The Security Risk Assessment Handbook Book Excerpt:

Conducted properly, information security risk assessments provide managers with the feedback needed to manage risk through the understanding of threats to corporate assets, determination of current control vulnerabilities, and appropriate safeguards selection. Performed incorrectly, they can provide the false sense of security that allows potential threats to develop into disastrous losses of proprietary information, capital, and corporate value. Picking up where its bestselling predecessors left off, The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Third Edition gives you detailed instruction on how to conduct a security risk assessment effectively and efficiently, supplying wide-ranging coverage that includes security risk analysis, mitigation, and risk assessment reporting. The third edition has expanded coverage of essential topics, such as threat analysis, data gathering, risk analysis, and risk assessment methods, and added coverage of new topics essential for current assessment projects (e.g., cloud security, supply chain management, and security risk assessment methods). This handbook walks you through the process of conducting an effective security assessment, and it provides the tools, methods, and up-to-date understanding you need to select the security measures best suited to your organization. Trusted to assess security for small companies, leading organizations, and government agencies, including the CIA, NSA, and NATO, Douglas J. Landoll unveils the little-known tips, tricks, and techniques used by savvy security professionals in the field. 
It includes features on how to:

• Better negotiate the scope and rigor of security assessments
• Effectively interface with security assessment teams
• Gain an improved understanding of final report recommendations
• Deliver insightful comments on draft reports

This edition includes detailed guidance on gathering data and analyzes over 200 administrative, technical, and physical controls using the RIIOT data gathering method; introduces the RIIOT FRAME (risk assessment method), including hundreds of tables, over 70 new diagrams and figures, and over 80 exercises; and provides a detailed analysis of many of the popular security risk assessment methods in use today. The companion website (infosecurityrisk.com) provides downloads for checklists, spreadsheets, figures, and tools.

Innovations in Digital Economy

Author: Dmitrii Rodionov, Tatiana Kudryavtseva, Mohammed Ali Berawi, Angi Skhvediani
Publisher: Springer Nature
Total Pages: 155
Release: 2020-10-09
ISBN: 3030600807
Category: Computers
Language: EN, FR, DE, ES & NL

Innovations in Digital Economy Book Excerpt:

This book constitutes the revised and extended papers of the First International Conference on Innovations in Digital Economy, SPBU IDE 2019, held in St. Petersburg, Russia, in October 2019. The 8 papers presented were thoroughly reviewed and selected for publication from 78 submissions. The papers are organized according to the following topical sections: economic efficiency and social consequences of digital innovations implementation; industrial, service and agricultural digitalization; regional innovation systems and clusters as drivers of the economic growth during the Fourth Industrial Revolution; response of an educational system and labor market to the digital-driven changes in the economic system.

CISO COMPASS

Author: Todd Fitzgerald
Publisher: CRC Press
Total Pages: 526
Release: 2018-11-21
ISBN: 0429677839
Category: Computers
Language: EN, FR, DE, ES & NL

CISO COMPASS Book Excerpt:

Todd Fitzgerald, co-author of the ground-breaking (ISC)2 CISO Leadership: Essential Principles for Success, Information Security Governance Simplified: From the Boardroom to the Keyboard, co-author for the E-C Council CISO Body of Knowledge, and contributor to many others including Official (ISC)2 Guide to the CISSP CBK, COBIT 5 for Information Security, and ISACA CSX Cybersecurity Fundamental Certification, is back with this new book incorporating practical experience in leading, building, and sustaining an information security/cybersecurity program. CISO COMPASS includes personal, pragmatic perspectives and lessons learned of over 75 award-winning CISOs, security leaders, professional association leaders, and cybersecurity standard setters who have fought the tough battle. Todd has also, for the first time, adapted the McKinsey 7S framework (strategy, structure, systems, shared values, staff, skills and style) for organizational effectiveness to the practice of leading cybersecurity to structure the content to ensure comprehensive coverage by the CISO and security leaders to key issues impacting the delivery of the cybersecurity strategy and demonstrate to the Board of Directors due diligence. The insights will assist the security leader to create programs appreciated and supported by the organization, capable of industry/peer award-winning recognition, enhance cybersecurity maturity, gain confidence by senior management, and avoid pitfalls.
The book is a comprehensive, soup-to-nuts book enabling security leaders to effectively protect information assets and build award-winning programs by covering topics such as developing cybersecurity strategy, emerging trends and technologies, cybersecurity organization structure and reporting models, leveraging current incidents, security control frameworks, risk management, laws and regulations, data protection and privacy, meaningful policies and procedures, multi-generational workforce team dynamics, soft skills, and communicating with the Board of Directors and executive management. The book is valuable to current and future security leaders as a valuable resource and an integral part of any college program for information/cybersecurity.

Agile Security Operations

Author: Hinne Hettema
Publisher: Packt Publishing Ltd
Total Pages: 254
Release: 2022-02-17
ISBN: 1801812551
Category: Computers
Language: EN, FR, DE, ES & NL

Agile Security Operations Book Excerpt:

Get to grips with security operations through incident response, the ATT&CK framework, active defense, and agile threat intelligence

Key Features

• Explore robust and predictable security operations based on measurable service performance
• Learn how to improve the security posture and work on security audits
• Discover ways to integrate agile security operations into development and operations

Book Description

Agile security operations allow organizations to survive cybersecurity incidents, deliver key insights into the security posture of an organization, and operate security as an integral part of development and operations. It is, deep down, how security has always operated at its best. Agile Security Operations will teach you how to implement and operate an agile security operations model in your organization. The book focuses on the culture, staffing, technology, strategy, and tactical aspects of security operations. You'll learn how to establish and build a team and transform your existing team into one that can execute agile security operations. As you progress through the chapters, you'll be able to improve your understanding of some of the key concepts of security, align operations with the rest of the business, streamline your operations, learn how to report to senior levels in the organization, and acquire funding. By the end of this Agile book, you'll be ready to start implementing agile security operations, using the book as a handy reference.

What you will learn

• Get acquainted with the changing landscape of security operations
• Understand how to sense an attacker's motives and capabilities
• Grasp key concepts of the kill chain, the ATT&CK framework, and the Cynefin framework
• Get to grips with designing and developing a defensible security architecture
• Explore detection and response engineering
• Overcome challenges in measuring the security posture
• Derive and communicate business values through security operations
• Discover ways to implement security as part of development and business operations

Who this book is for

This book is for new and established CSOC managers as well as CISO, CDO, and CIO-level decision-makers. If you work as a cybersecurity engineer or analyst, you'll find this book useful. Intermediate-level knowledge of incident response, cybersecurity, and threat intelligence is necessary to get started with the book.

ECCWS 2019 18th European Conference on Cyber Warfare and Security

Author: Tiago Cruz, Paulo Simoes
Publisher: Academic Conferences and publishing limited
Total Pages: 135
Release: 2019-07-04
ISBN: 1912764296
Category: Computers
Language: EN, FR, DE, ES & NL

ECCWS 2019 18th European Conference on Cyber Warfare and Security Book Excerpt:

Critical Information Infrastructures Security

Author: Simin Nadjm-Tehrani
Publisher: Springer Nature
Total Pages: 210
Release: 2019-12-19
ISBN: 3030376702
Category: Computers
Language: EN, FR, DE, ES & NL

Critical Information Infrastructures Security Book Excerpt:

This book constitutes the revised selected papers of the 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019, held in Linköping, Sweden, in September 2019. The 10 full papers and 5 short papers presented were carefully reviewed and selected from 30 submissions. They are grouped in the following topical sections: Invited Papers, Risk Management, Vulnerability Assessment, Resilience and Mitigation Short Papers, and Industry and Practical Experience Reports.

The Oxford Handbook of Cyber Security

Author: Paul Cornish
Publisher: Oxford University Press
Total Pages: 880
Release: 2021-11-04
ISBN: 0198800681
Category: Political Science
Language: EN, FR, DE, ES & NL

The Oxford Handbook of Cyber Security Book Excerpt:

The Oxford Handbook of Cyber Security presents forty-eight chapters examining the technological, economic, commercial, and strategic aspects of cyber security, including studies at the international, regional, and national level.

How to Manage Cybersecurity Risk

Author: Christopher T. Carlson
Publisher: Universal-Publishers
Total Pages: 284
Release: 2019-10-15
ISBN: 1627342761
Category: Computers
Language: EN, FR, DE, ES & NL

How to Manage Cybersecurity Risk Book Excerpt:

Protecting information systems to reduce the risk of security incidents is critical for organizations today. This writing provides instruction for security leaders on the processes and techniques for managing a security program. It contains practical information on the breadth of information security topics, referring to many other writings that provide details on technical security topics. This provides foundation for a security program responsive to technology developments and an evolving threat environment. The security leader may be engaged by an organization that is in crisis, where the priority action is to recover from a serious incident. This work offers foundation knowledge for the security leader to immediately apply to the organization’s security program while improving it to the next level, organized by development stage:

• Reactive – focused on incident detection and response
• Planned – control requirements, compliance and reporting
• Managed – integrated security business processes

The security leader must also communicate with the organization executive, whose focus is on results such as increasing revenues or reducing costs. The security leader may initially be welcomed as the wizard who applies mysterious skills to resolve an embarrassing incident. But the organization executive will lose patience with a perpetual crisis and demand concrete results. This writing explains how to communicate in terms executives understand.

Cybersecurity

Author: Duane C. Wilson
Publisher: MIT Press
Total Pages: 160
Release: 2021-09-14
ISBN: 0262542544
Category: Computers
Language: EN, FR, DE, ES & NL

Cybersecurity Book Excerpt:

An accessible guide to cybersecurity for the everyday user, covering cryptography and public key infrastructure, malware, blockchain, and other topics. It seems that everything we touch is connected to the internet, from mobile phones and wearable technology to home appliances and cyber assistants. The more connected our computer systems, the more exposed they are to cyber attacks--attempts to steal data, corrupt software, disrupt operations, and even physically damage hardware and network infrastructures. In this volume of the MIT Press Essential Knowledge series, cybersecurity expert Duane Wilson offers an accessible guide to cybersecurity issues for everyday users, describing risks associated with internet use, modern methods of defense against cyber attacks, and general principles for safer internet use. Wilson describes the principles that underlie all cybersecurity defense: confidentiality, integrity, availability, authentication, authorization, and non-repudiation (validating the source of information). He explains that confidentiality is accomplished by cryptography; examines the different layers of defense; analyzes cyber risks, threats, and vulnerabilities; and breaks down the cyber kill chain and the many forms of malware. He reviews some online applications of cybersecurity, including end-to-end security protection, secure ecommerce transactions, smart devices with built-in protections, and blockchain technology. Finally, Wilson considers the future of cybersecurity, discussing the continuing evolution of cyber defenses as well as research that may alter the overall threat landscape.

The Metrics Manifesto

Author: Richard Seiersen
Publisher: John Wiley & Sons
Total Pages: 320
Release: 2022-05-03
ISBN: 1119515416
Category: Computers
Language: EN, FR, DE, ES & NL

The Metrics Manifesto Book Excerpt:

Security professionals are trained skeptics. They poke and prod at other people’s digital creations, expecting them to fail in unexpected ways. Shouldn’t that same skeptical power be turned inward? Shouldn’t practitioners ask: “How do I know that my enterprise security capabilities work? Are they scaling, accelerating, or slowing as the business exposes more value to more people and through more channels at higher velocities?” This is the start of the modern measurement mindset—the mindset that seeks to confront security with data. The Metrics Manifesto: Confronting Security with Data delivers an examination of security metrics with R, the popular open-source programming language and software development environment for statistical computing. This insightful and up-to-date guide offers readers a practical focus on applied measurement that can prove or disprove the efficacy of information security measures taken by a firm. The book’s detailed chapters combine topics like security, predictive analytics, and R programming to present an authoritative and innovative approach to security metrics. The author and security professional examines historical and modern methods of measurement with a particular emphasis on Bayesian Data Analysis to shed light on measuring security operations. Readers will learn how processing data with R can help measure security improvements and changes as well as help technology security teams identify and fix gaps in security. The book also includes downloadable code for people who are new to the R programming language. Perfect for security engineers, risk engineers, IT security managers, CISOs, and data scientists comfortable with a bit of code, The Metrics Manifesto offers readers an invaluable collection of information to help professionals prove the efficacy of security measures within their company.