Zero Trust Journey Across the Digital Estate


Book Description

"Zero Trust is the strategy that organizations need to implement to stay ahead of cyber threats, period. The industry has 30 plus years of categorical failure that shows us that our past approaches, while earnest in their efforts, have not stopped attackers. Zero Trust strategically focuses on and systematically removes the power and initiatives hackers and adversaries need to win as they circumvent security controls. This book will help you and your organization have a better understanding of what Zero Trust really is, recognize its history, and gain prescriptive knowledge that will help you and your enterprise finally begin beating the adversaries in the chess match that is cyber security strategy." Dr. Chase Cunningham (aka Dr. Zero Trust), Cyberware Expert Today’s organizations require a new security approach that effectively adapts to the challenges of the modern environment, embraces the mobile workforce, and protects people, devices, apps, and data wherever they are located. Zero Trust is increasingly becoming the critical security approach of choice for many enterprises and governments; however, security leaders often struggle with the significant shifts in strategy and architecture required to holistically implement Zero Trust. This book seeks to provide an end-to-end view of the Zero Trust approach across organizations’ digital estates that includes strategy, business imperatives, architecture, solutions, human elements, and implementation approaches that could significantly enhance these organizations' success in learning, adapting, and implementing Zero Trust. The book concludes with a discussion of the future of Zero Trust in areas such as artificial intelligence, blockchain technology, operational technology (OT), and governance, risk, and compliance. The book is ideal for business decision makers, cybersecurity leaders, security technical professionals, and organizational change agents who want to modernize their digital estate with the Zero Trust approach.




Managing Risks in Digital Transformation


Book Description

Secure your business in a post-pandemic world: Master digital risk identification and defense Purchase of the print or Kindle book includes a free PDF eBook Key FeaturesBecome well-versed with sophisticated system-level security risks and the zero-trust frameworkLearn about remote working risks, modern collaboration, and securing the digital data estateKeep up with rapidly evolving compliances and regulations and their impact on cyber risksBook Description With the rapid pace of digital change today, especially since the pandemic sped up digital transformation and technologies, it has become more important than ever to be aware of the unknown risks and the landscape of digital threats. This book highlights various risks and shows how business-as-usual operations carried out by unaware or targeted workers can lead your organization to a regulatory or business risk, which can impact your organization's reputation and balance sheet. This book is your guide to identifying the topmost risks relevant to your business with a clear roadmap of when to start the risk mitigation process and what your next steps should be. With a focus on the new and emerging risks that remote-working companies are experiencing across diverse industries, you'll learn how to manage risks by taking advantage of zero trust network architecture and the steps to be taken when smart devices are compromised. Toward the end, you'll explore various types of AI-powered machines and be ready to make your business future-proof. In a nutshell, this book will direct you on how to identify and mitigate risks that the ever- advancing digital technology has unleashed. What you will learnBecome aware of and adopt the right approach to modern digital transformationExplore digital risks across companies of all sizesStudy real-world cases that focus on post-pandemic digital transformationUnderstand insider threats and how to mitigate vulnerability exploitationGet to know how cyberwarfare targets infrastructure and disrupts critical systemsDiscover how implementing a regulatory framework can safeguard you in the current and future data landscapesWho this book is for This book is for three categories of readers—those who own a business and are planning to scale it; those who are leading business and technology charters in large companies or institutions; and those who are academically or disciplinarily targeting cybersecurity and risk management as a practice-area. Essentially, this book is for board members, and professionals working in IT, GRC, and legal domains. It will also help technology leaders, including chief digital officers, chief privacy officers, chief risk officers, CISOs, CIOs, as well as students and cybersecurity enthusiasts with basic awareness of risks to navigate the digital threat landscape.




Effective Crisis Management


Book Description

Develop crisis plans, practise them, and minimise threats KEY FEATURES ● Understand the reasons why you should expect the unexpected. ● Learn what it means to put people first. ● Explain why transparency is always preferable when things go bad. ● Identify strategies for bolstering credibility and safeguarding the brand. ● Speed up decision-making and response times in an emergency. ● Distinguish between fact and fiction to eliminate prejudice. ● Learn the art to turn a negative into a positive charge. ● Use your ability to look backward to alter the course of the future. ● Encourage a contented and efficient workforce. DESCRIPTION Using real-world examples of what may go wrong during a crisis, the author of "Effective Crisis Management" intends to infuse some realism and insight into the incident response and crisis management field. Written by an Executive and Board Advisor who has dedicated over 25 years to improving both the strategic and tactical response to crises, this book guides the reader through a series of episodes designed to help individuals grasp the factors at play in directing a successful crisis response. Following the steps outlined in this book, readers can uncover and make the most of the many insights and unrealized possibilities afforded by earlier catastrophic events. The book includes case studies and stories that will give the readers a sense of what it's like to manage a crisis in practice and why it requires more than just following a plan. The book explains how and why you should be ready for the unexpected as part of a "assume failure" mindset. Finally, this book delves deep into a crisis's psychological impact on individuals and explains why focusing on their strength and well-being is crucial to providing effective aid. WHAT YOU WILL LEARN ● Realize how you respond to a problem matters more than the problem itself. ● Get to the bottom of the recurring issues highlighted by numerous public inquiries. ● Find ways to be extra cautious and fair while setting standards. ● Discover the qualities that help leaders excel in times of crisis. ● Cultivate a skill set emphasizing kindness, wisdom, seriousness, and sincerity. ● Establish the methods to determine the causes and circumstances of occurrences. WHO THIS BOOK IS FOR Anyone interested in a career in managing the response to major incidents will find valuable information in this book written for experienced crisis managers and those who aspire to reach that position. To put it another way, it helps people see how they can use every crisis as an opportunity to strengthen their relationships and continue the trust. TABLE OF CONTENTS 1. Introduction 2. Action 3. Believable 4. Communication 5. Diligence 6. Empathy 7. Fact 8. Gravitas 9. Honesty 10. Investigation 11. Justice 12. Knowledge 13. Lessons 14. Media 15. Near Miss 16. Opportunity 17. People 18. Questions 19. Resilience 20. Strategy 21. Time 22. Underdog 23. Victory 24. Wellbeing 25. X - Marks the Spot 26. Y-Why 27. Zero Trust 28. Final Thoughts




IoT and OT Security Handbook


Book Description

Leverage Defender for IoT for understanding common attacks and achieving zero trust for IoT and OT devices Purchase of the print or Kindle book includes a free PDF eBook Key FeaturesIdentify and resolve cybersecurity challenges in the IoT and OT worldsFamiliarize yourself with common attack vectors in the IoT and OT domainsDive into Defender for IoT, understand its capabilities, and put it to practiceBook Description The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges. The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You'll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you'll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust. By the end of this security book, you'll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT. What you will learnDiscover security challenges faced in IoT and OT environmentsUnderstand the security issues in Industry 4.0Explore Microsoft Defender for IoT and learn how it aids in securing the IoT/OT industryFind out how to deploy Microsoft Defender for IoT along with its prerequisitesUnderstand the importance of continuous monitoringGet familiarized with vulnerability management in the IoT and OT worldsDive into risk assessment as well as threat monitoring and huntingAchieve zero trust for IoT devicesWho this book is for This book is for industrial security, IoT security, and IT security professionals. Security engineers, including pentesters, security architects, and ethical hackers, who want to ensure the security of their organization's data when connected with the IoT will find this book useful.




IT Audit Field Manual


Book Description

Master effective IT auditing techniques, from security control reviews to advanced cybersecurity practices, with this essential field manual Key Features Secure and audit endpoints in Windows environments for robust defense Gain practical skills in auditing Linux systems, focusing on security configurations and firewall auditing using tools such as ufw and iptables Cultivate a mindset of continuous learning and development for long-term career success Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs cyber threats evolve and regulations tighten, IT professionals struggle to maintain effective auditing practices and ensure robust cybersecurity across complex systems. Drawing from over a decade of submarine military service and extensive cybersecurity experience, Lewis offers a unique blend of technical expertise and field-tested insights in this comprehensive field manual. Serving as a roadmap for beginners as well as experienced professionals, this manual guides you from foundational concepts and audit planning to in-depth explorations of auditing various IT systems and networks, including Cisco devices, next-generation firewalls, cloud environments, endpoint security, and Linux systems. You’ll develop practical skills in assessing security configurations, conducting risk assessments, and ensuring compliance with privacy regulations. This book also covers data protection, reporting, remediation, advanced auditing techniques, and emerging trends. Complete with insightful guidance on building a successful career in IT auditing, by the end of this book, you’ll be equipped with the tools to navigate the complex landscape of cybersecurity and compliance, bridging the gap between technical expertise and practical application.What you will learn Evaluate cybersecurity across AWS, Azure, and Google Cloud with IT auditing principles Conduct comprehensive risk assessments to identify vulnerabilities in IT systems Explore IT auditing careers, roles, and essential knowledge for professional growth Assess the effectiveness of security controls in mitigating cyber risks Audit for compliance with GDPR, HIPAA, SOX, and other standards Explore auditing tools for security evaluations of network devices and IT components Who this book is for The IT Audit Field Manual is for both aspiring and early-career IT professionals seeking a comprehensive introduction to IT auditing. If you have a basic understanding of IT concepts and wish to develop practical skills in auditing diverse systems and networks, this book is for you. Beginners will benefit from the clear explanations of foundational principles, terminology, and audit processes, while those looking to deepen their expertise will find valuable insights throughout.




Learning Microsoft Azure


Book Description

If your organization plans to modernize services and move to the cloud from legacy software or a private cloud on premises, this book is for you. Software developers, solution architects, cloud engineers, and anybody interested in cloud technologies will learn fundamental concepts for cloud computing, migration, transformation, and development using Microsoft Azure. Author and Microsoft MVP Jonah Carrio Andersson guides you through cloud computing concepts and deployment models, the wide range of modern cloud technologies, application development with Azure, team collaboration services, security services, and cloud migration options in Microsoft Azure. You'll gain insight into the Microsoft Azure cloud services that you can apply in different business use cases, software development projects, and modern solutions in the cloud. You'll also become fluent with Azure cloud migration services, serverless computing technologies that help your development team work productively, Azure IoT, and Azure cognitive services that make your application smarter. This book also provides real-world advice and best practices based on the author's own Azure migration experience. Gain insight into which Azure cloud service best suits your company's particular needs Understand how to use Azure for different use cases and specific technical requirements Start developing cloud services, applications, and solutions in the Azure environment Learn how to migrate existing legacy applications to Microsoft Azure




The Florentine Deception


Book Description

In this action-packed techno-thriller, a routine computer cleanup sets off an electrifying quest for an enigmatic—and deadly—treasure. After selling his dorm-room startup for millions and effectively retiring at the age of twenty-five, Alex Fife is eager for a new challenge. When he agrees to clean up an old PC as a favor, he never expects to find the adventure of a lifetime waiting for him inside the machine. But as he rummages through old emails, Alex stumbles upon a startling discovery: The previous owner, a shady antiques smuggler, had been trying to unload a mysterious object known as the Florentine on the black market. And with the dealer’s untimely passing, the Florentine is now unaccounted for and ripe for the taking. Alex dives headfirst into a hunt for the priceless object. What starts out as a seemingly innocuous pursuit quickly devolves into a nightmare when Alex discovers the true technological nature of the Florentine. Not just a lost treasure, it’s something far more insidious: a weapon that could bring the developed world to its knees. Alex races through subterranean grottos, freezing morgues, and hidden cellars in the dark underbelly of Los Angeles, desperate to find the Florentine before it falls into the wrong hands. Because if nefarious forces find it first, there’ll be nothing Alex—or anyone else—can do to prevent a catastrophic attack. Leading security specialist Carey Nachenberg delivers expert technical details in this gripping, highly entertaining cyber thrill ride—perfect for fans of Neal Stephenson and William Gibson.




The Tao of Network Security Monitoring


Book Description

"The book you are about to read will arm you with the knowledge you need to defend your network from attackers—both the obvious and the not so obvious.... If you are new to network security, don't put this book back on the shelf! This is a great book for beginners and I wish I had access to it many years ago. If you've learned the basics of TCP/IP protocols and run an open source or commercial IDS, you may be asking 'What's next?' If so, this book is for you." —Ron Gula, founder and CTO, Tenable Network Security, from the Foreword "Richard Bejtlich has a good perspective on Internet security—one that is orderly and practical at the same time. He keeps readers grounded and addresses the fundamentals in an accessible way." —Marcus Ranum, TruSecure "This book is not about security or network monitoring: It's about both, and in reality these are two aspects of the same problem. You can easily find people who are security experts or network monitors, but this book explains how to master both topics." —Luca Deri, ntop.org "This book will enable security professionals of all skill sets to improve their understanding of what it takes to set up, maintain, and utilize a successful network intrusion detection strategy." —Kirby Kuehl, Cisco Systems Every network can be compromised. There are too many systems, offering too many services, running too many flawed applications. No amount of careful coding, patch management, or access control can keep out every attacker. If prevention eventually fails, how do you prepare for the intrusions that will eventually happen? Network security monitoring (NSM) equips security staff to deal with the inevitable consequences of too few resources and too many responsibilities. NSM collects the data needed to generate better assessment, detection, and response processes—resulting in decreased impact from unauthorized activities. In The Tao of Network Security Monitoring , Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents. Inside, you will find in-depth information on the following areas. The NSM operational framework and deployment considerations. How to use a variety of open-source tools—including Sguil, Argus, and Ethereal—to mine network traffic for full content, session, statistical, and alert data. Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture. Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM. The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance. Whether you are new to network intrusion detection and incident response, or a computer-security veteran, this book will enable you to quickly develop and apply the skills needed to detect, prevent, and respond to new and emerging threats.




The Executor's Guide


Book Description




Digital and Social Media Marketing


Book Description

This book examines issues and implications of digital and social media marketing for emerging markets. These markets necessitate substantial adaptations of developed theories and approaches employed in the Western world. The book investigates problems specific to emerging markets, while identifying new theoretical constructs and practical applications of digital marketing. It addresses topics such as electronic word of mouth (eWOM), demographic differences in digital marketing, mobile marketing, search engine advertising, among others. A radical increase in both temporal and geographical reach is empowering consumers to exert influence on brands, products, and services. Information and Communication Technologies (ICTs) and digital media are having a significant impact on the way people communicate and fulfil their socio-economic, emotional and material needs. These technologies are also being harnessed by businesses for various purposes including distribution and selling of goods, retailing of consumer services, customer relationship management, and influencing consumer behaviour by employing digital marketing practices. This book considers this, as it examines the practice and research related to digital and social media marketing.