Angol
Enterprise Cybersecurity lays out the design, implementation,and management of comprehensive cybersecurity programs that enable enterprises of all sizes and sectors to protect themselves preemptively and actively against the escalating threat of modern, targeted cyberattacks. §To frame their exposition of the components of effective cybersecurity programs, the authors develop two actionable concepts central to their systems engineering approach. First, the "kill chain" of a cyber-intrusion comprises the intrusive phases of adversarial reconnaissance, weaponization, delivery, and exploitation, to each of which the authors map defensive courses of action for detection, mitigation, and response. Second, the "trust stack" concept articulates the structure of defensive response in terms of two subsidiary stacks whose elements are sequentially arranged in increasing difficulty for an attacker to breach and compromise. One subsidiary stack is the "application stack" comprised of ten elements such as end user, application software, and database. The other is the "administration stack" comprised of nine elements such as user credentials, application administration, and database administration. §Within the conceptual framework of the kill chain and trust stack, Enterprise Cybersecurity describes the aims, strategies, tactics, and taxonomy of security threats and the panoply of corresponding cyberdefensive measures.These countermeasures include hardening of enterprise defenses, immediate detection of intrusions, containment of attacks, and repulse to prevent exploitation of breaches. End-to-end cyberdefense systems integrate preventive,detective, monitoring, and forensics controls.§Toward this integrative end, the team of authors--respected experts and thought leaders in the rapidly evolving field of enterprise cybersecurity--introduce a new synthetic paradigm called Cybersecurity Capability Architecture, which they have collectively refined and separately put into practice. §Readers of this book will learn to design and implement the ten functional areas of Cybersecurity Capability Architecture:§systems administration §network security §application security §endpoint, server, and device security §asset management §authentication and identity management §cryptography and data protection §monitoring, vulnerability, and patch management §incident response §policy, audit, e-discovery, and training
