Book Description

After scrutinizing numerous cybersecurity strategies, Microsoft's former Global Chief Security Advisor provides unique insights on the evolution of the threat landscape and how enterprises can address modern cybersecurity challenges.

Key Features

  • Protect your organization from cybersecurity threats with field-tested strategies from Microsoft's former most senior security advisor
  • Discover the most common ways enterprises initially get compromised
  • Measure the effectiveness of your organization's current cybersecurity program against cyber attacks

Book Description

Cybersecurity Threats, Malware Trends, and Strategies shares numerous insights about the threats that both public and private sector organizations face and the cybersecurity strategies that can mitigate them.

The book provides an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.

The book will provide you with an evaluation of the various cybersecurity strategies that have ultimately failed over the past twenty years, along with one or two that have actually worked. It will help executives and security and compliance professionals understand how cloud computing is a game changer for them.

By the end of this book, you will know how to measure the effectiveness of your organization's cybersecurity strategy and the efficacy of the vendors you employ to help you protect your organization and yourself.

What you will learn

  • Discover cybersecurity strategies and the ingredients critical to their success
  • Improve vulnerability management by reducing risks and costs for your organization
  • Learn how malware and other threats have evolved over the past decade
  • Mitigate internet-based threats, phishing attacks, and malware distribution sites
  • Weigh the pros and cons of popular cybersecurity strategies of the past two decades
  • Implement and then measure the outcome of a cybersecurity strategy
  • Learn how the cloud provides better security capabilities than on-premises IT environments

Who this book is for

This book is for senior management at commercial sector and public sector organizations, including Chief Information Security Officers (CISOs) and other senior managers of cybersecurity groups, Chief Information Officers (CIOs), Chief Technology Officers (CTOs), and senior IT managers who want to explore the entire spectrum of cybersecurity, from threat hunting and security risk management to malware analysis. Governance, risk, and compliance professionals will also benefit. Cybersecurity experts who pride themselves on their knowledge of the threat landscape will come to use this book as a reference.

Table of Contents

  1. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Conventions used
    5. Get in touch
  2. Ingredients for a Successful Cybersecurity Strategy
    1. What is a cybersecurity strategy?
    2. How organizations get initially compromised and the cybersecurity fundamentals
      1. Unpatched vulnerabilities
      2. Security misconfigurations
      3. Weak, leaked, and stolen credentials
      4. Social engineering
      5. Insider threats
      6. Focus on the cybersecurity fundamentals
    3. Understanding the difference between the attacker's motivations and tactics
    4. Other ingredients for a successful strategy
      1. Business objective alignment
      2. Cybersecurity vision, mission, and imperatives
      3. Senior executive and board support
      4. Understand the risk appetite
      5. Realistic view of current cybersecurity capabilities and technical talent
      6. Compliance program and control framework alignment
      7. An effective relationship between cybersecurity and IT
      8. Security culture
    5. Chapter summary
    6. References
  3. Using Vulnerability Trends to Reduce Risk and Costs
    1. Introduction
    2. Vulnerability Management Primer
      1. Vulnerability Disclosure Data Sources
      2. Industry Vulnerability Disclosure Trends
      3. Reducing Risk and Costs – Measuring Vendor and Product Improvement
        1. Oracle Vulnerability Trends
        2. Apple Vulnerability Trends
        3. IBM Vulnerability Trends
        4. Google Vulnerability Trends
        5. Microsoft Vulnerability Trends
        6. Vendor Vulnerability Trend Summary
      4. Operating System Vulnerability Trends
        1. Microsoft Operating System Vulnerability Trends
        2. Windows XP Vulnerability Trends
        3. Windows 7 Vulnerability Trends
        4. Windows Server 2012 and 2016 Vulnerability Trends
        5. Windows 10 Vulnerability Trends
        6. Linux Kernel Vulnerability Trends
        7. Google Android Vulnerability Trends
        8. Apple macOS Vulnerability Trends
        9. Operating Systems Vulnerability Trend Summary
      5. Web Browser Vulnerability Trends
        1. Internet Explorer Vulnerability Trends
        2. Microsoft Edge Vulnerability Trends
        3. Google Chrome Vulnerability Trends
        4. Mozilla Firefox Vulnerability Trends
        5. Apple Safari Vulnerability Trends
        6. Web Browser Vulnerability Trend Summary
      6. Vulnerability Management Guidance
    3. Chapter summary
    4. References
  4. The Evolution of the Threat Landscape – Malware
    1. Introduction
    2. Why is there so much malware on Windows compared to other platforms?
    3. Data sources
      1. The Malicious Software Removal Tool
      2. Real-time anti-malware tools
      3. Non-security data sources
    4. About malware
      1. How malware infections spread
      2. Trojans
      3. Potentially unwanted software
      4. Exploits and exploit kits
      5. Worms
      6. Ransomware
      7. Viruses
      8. Browser modifiers
      9. Measuring malware prevalence
    5. Global Windows malware infection analysis
    6. Regional Windows malware infection analysis
      1. The long-term view of the threat landscape in the Middle East and Northern Africa
        1. 10-year regional report card for the Middle East and Northern Africa
      2. The long-term view of the threat landscape in the European Union and Eastern Europe
        1. 10-year regional report card for the European Union
        2. 10-year regional report card for select Eastern European locations
      3. The long-term view of the threat landscape in select locations in Asia
        1. 10-year regional report card for Asia
      4. The long-term view of the threat landscape in select locations in the Americas
        1. 10-year regional report card for the Americas
      5. Regional Windows malware infection analysis conclusions
        1. What does this all mean for CISOs and enterprise security teams?
    7. Global malware evolution
      1. Global malware evolution conclusions
    8. The great debate – are anti-malware solutions really worthwhile?
    9. Threat intelligence best practices and tips
      1. Tip #1 – data sources
      2. Tip #2 – time periods
      3. Tip #3 – recognizing hype
      4. Tip #4 – predictions about the future
      5. Tip #5 – vendors' motives
    10. Chapter summary
    11. References
  5. Internet-Based Threats
    1. Introduction
    2. A typical attack
    3. Phishing attacks
      1. Mitigating phishing
    4. Drive-by download attacks
      1. Mitigating drive-by download attacks
    5. Malware hosting sites
      1. Mitigating malware distribution
    6. Post compromise – botnets and DDoS attacks
    7. Chapter summary
    8. References
  6. Cybersecurity Strategies
    1. Introduction
    2. Measuring the efficacy of cybersecurity strategies
    3. Cybersecurity strategies
      1. Protect and Recover Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Protect and Recover Strategy summary
      2. Endpoint Protection Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Endpoint Protection Strategy summary
      3. Physical Control and Security Clearances as a Security Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Physical Control and Security Clearances Strategy summary
      4. Compliance as a Security Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Compliance as a Security Strategy summary
      5. Application-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Application-Centric Strategy summary
      6. Identity-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Identity-Centric Strategy summary
      7. Data-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Data-Centric Strategy summary
      8. Attack-Centric Strategy
        1. Cybersecurity fundamentals scoring system score
        2. Attack-Centric Strategy summary
      9. Cybersecurity strategies summary
      10. DevOps and DevSecOps
      11. Zero Trust
    4. Chapter summary
    5. References
  7. Strategy Implementation
    1. Introduction
    2. What is an Intrusion Kill Chain?
    3. Modernizing the kill chain
      1. Mapping the cybersecurity usual suspects
      2. Updating the matrix
    4. Getting started
      1. Maturity of current cybersecurity capabilities
      2. Who consumes the data?
      3. Cybersecurity license renewals
    5. Implementing this strategy
      1. Rationalizing the matrix – gaps, under-investments, and over-investments
      2. Planning your implementation
      3. Designing control sets
        1. Attack phase – Reconnaissance I
        2. Attack phase – Delivery
        3. Attack phase – Exploitation
        4. Attack phase – Installation
        5. Attack phase – Command and Control (C2)
        6. Attack phase – Reconnaissance II
        7. Attack phase – Actions on Objectives
    6. Conclusion
    7. Chapter summary
    8. References
  8. Measuring Performance and Effectiveness
    1. Introduction
    2. Using vulnerability management data
      1. Assets under management versus total assets
      2. Known unpatched vulnerabilities
      3. Unpatched vulnerabilities by severity
      4. Vulnerabilities by product type
    3. Measuring performance and efficacy of an Attack-Centric Strategy
      1. Performing intrusion reconstructions
      2. Using intrusion reconstruction results
        1. Identifying lame controls
        2. Learning from failure
        3. Identifying helpful vendors
        4. Informing internal assessments
    4. Chapter summary
    5. References
  9. The Cloud – A Modern Approach to Security and Compliance
    1. Introduction
    2. How is cloud computing different?
    3. Security and compliance game changers
      1. The power of APIs
      2. The advantages of automation
        1. Mitigating insider threat and social engineering
        2. Mitigating unpatched vulnerabilities
        3. Mitigating security misconfigurations
        4. Mitigating weak, leaked and stolen passwords
      3. Security and compliance game changers – summary
    4. Using cybersecurity strategies in the cloud
      1. Using the protect and recover strategy in the cloud
      2. Compliance as a cybersecurity strategy in the cloud
      3. Using the Attack-Centric Strategy in the cloud
      4. DevOps – A modern approach to security in the cloud
    5. Encryption and key management
    6. Conclusion
    7. Chapter summary
    8. References
  10. Other Books You May Enjoy
  11. Index