Review: Cybersecurity Threats, Malware Trends, and Strategies
Tim Rains, who formerly held many essential roles at Microsoft and is currently working at Amazon Web Services as Regional Leader for Security and Compliance Business Acceleration for EMEA, had the opportunity to gain knowledge from and advise thousands of organizations and enterprises about incident response and threat intelligence.
Cybersecurity Threats, Malware Trends, and Strategies
He starts the book by explaining the importance of a cybersecurity strategy and why it should be implemented, but also how security leaders should search for knowledge from the past by using vulnerability disclosure data to help them build their own strategy and avoid making mistakes that others have already made.
He then proceeds to give readers an idea on how the threat landscape has evolved and the types of malware they could encounter. Only by knowing their variety and frequency it is possible to define an efficient cybersecurity strategy. Readers will also find out about internet-based threats, how they evolved and what are the most common attack methods used by cybercriminals.
The author uses the Cybersecurity Fundamentals Scoring System to evaluate the efficiency of every cybersecurity strategy, explaining them in detail and pointing out advantages and disadvantages.
Clearly, one size doesn’t fit all. The right strategy is the one that fits an organization and helps protect what is most valuable for that particular organization.
CISOs must be meticulous to get the best results in protecting their organization, but also aligned with the executives to understand the objectives of the business and how to make it thrive while being fully protected. This is the greatest challenge for every CISO.
He then describes the implementation of an attack-centric strategy, since it holds the highest Cybersecurity Fundamentals Scoring System score. He focuses on the intrusion kill chain and the different stages used by attackers, and finally measures the performance and efficacy of the above strategy.
The final chapter is dedicated to the cloud and why it is the best choice for enterprises to mitigate common risks, and the best tools cybersecurity teams can use to protect cloud data.
Who is it for?
The book is mainly aimed at CISOs, CIOs, CTOs but also others responsible for the cybersecurity of their organization, presuming they have basic IT knowledge.
If you’re looking for a book that’s easy to read but has a lot of useful information and may give you some new perspectives on cybersecurity, this is the right one for you.