Preface
The world is becoming increasingly digitized. Businesses rely on information technology to allow them to compete in the modern economy. However, each innovation brings new threats and vulnerabilities that threaten our livelihoods, our identities, and the global economy. The threats we face have never been greater than they are today.
At the same time, we are facing a historic shortage of information security professionals who will help keep us safe. In the long term, we must attract more people to our field to help secure our environments and protect the most vulnerable among us. In the short term, we must build processes that maximize the people we have and the technologies available to us to defend against capable adversaries who seek to compromise our systems and steal our valuable information.
I wrote this book to share the knowledge I've gained over the last decade I've spent helping organizations defend against cyber threats. Too often, we get caught up in technology and tactics and forget to look at the big picture of what we are trying to accomplish. We see breaches in the headlines, but we fail to understand what went wrong and identify the lessons we can learn to enable a more secure future.
I am disheartened by stories I hear of people who want to get into cybersecurity but find it difficult to get started. We are desperate for talent in our discipline, and it is critical for us to make cybersecurity more accessible. It is my hope that those who read this book will be attracted to cybersecurity as a profession and will acquire the tools necessary to understand the space holistically.
Information is among the most valuable commodities in the world today. Our ability to protect it will determine the opportunities available to future generations.
Who this book is for
This book is for people who are considering a career in cybersecurity and need to understand the landscape. It is also for people who are in a single cybersecurity discipline who would like to expand their understanding to advance their careers. Finally, this book is for those who are skilled in cybersecurity but find it difficult to relate the concepts to non-technical people.
What this book covers
Chapter 1, Protecting People, Information, and Systems – a Growing Problem, introduces you to the modern cybersecurity landscape and provides examples of the problems we are facing.
Chapter 2, The Human Side of Cybersecurity, introduces the roles humans play in cybersecurity, on both the attacker and the defender sides. Cybersecurity is about people attacking people. While cybersecurity is new, the dynamics are as old as humanity itself.
Chapter 3, Anatomy of an Attack, introduces different attack types and how they typically happen. We will explore common techniques and what the attacker must accomplish to be successful.
Chapter 4, Protecting People, Information, and Systems with Timeless Best Practices, discusses how while many measures and countermeasures change with technology, some best practices are timeless and effective. We will explore these timeless best practices, which are rarely implemented effectively and could limit the damage caused by the majority of breaches.
Chapter 5, Protecting against Common Attacks by Partnering with End Users, discusses how people often think of security as the domain of a small team inside an environment. The best security programs partner with end users as the first and last lines of defense.
Chapter 6, Information Security for a Changing World, discusses how the pace of change is both faster than it has ever been and the slowest it will ever be. Change is the only constant, and it is accelerating. Future-proofing a security program requires a conceptual understanding of objectives that transcends technology.
Chapter 7, Difficulty Securing the Modern Enterprise (With Solutions!), looks at how there are a number of current challenges in the cybersecurity space with no easy answers. This chapter will talk about those challenges and provide recommendations for how you can solve them.
Chapter 8, Harnessing Automation Opportunities, discusses automation and how automation will not solve all of the problems associated with cybersecurity today. However, effective programs will find ways to use automation where appropriate to make people more effective.
Chapter 9, Cybersecurity at Home, looks at how, as the world is not just more dangerous for businesses, cybersecurity knowledge can also protect those who matter most to us at home.
To get the most out of this book
There are no prerequisites to reading this book other than an open mind, a positive attitude, and a thirst for knowledge.
Download the color images
We also provide a PDF file that has color images of the screenshots and diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781803248639_ColorImages.pdf.
Get in touch
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, email us at [email protected] and mention the book title in the subject of your message.
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Share Your Thoughts
Once you've read , we'd love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.
Your review is important to us and the tech community and will help us make sure we're delivering excellent quality content.