The world can be a scary place for your business… and cyber threats can be even scarier these days. When hostile state actors and increasingly dangerous corporate espionage are worrying you, you need to focus your energy on cyber threat detection, prevention and response!
This free excerpt from the groundbreaking book Building an Effective Cybersecurity Program, 2nd Edition, by Tari Schreider C|CISO, CRISC, ITIL® Foundation, MCRP, SSCP will help you to begin building YOUR Cyber Threat, Vulnerability Detection, and Intelligence Capability.
This free chapter will help you to:
- Understand the relationship between threats and vulnerabilities.
- Understand how to identify and categorize cyber threats.
- Know how to detect vulnerabilities within your organization.
- View your organization as an attack surface.
To learn more about this book, see Building an Effective Cybersecurity Program (2nd Edition).
The book is presented as a practical roadmap detailing each step required for you to build your effective cybersecurity program and fight off cyber threats. It also provides many design templates to assist in program builds. Each chapter includes self-study questions to gauge your progress. Building An Effective Cybersecurity Program (2nd Edition) is your single-source reference for building effective cybersecurity programs!
Cyber Threat Intelligence Program Use Cases
If you are still wondering how an intelligence capability would benefit your organization, I have highlighted several tactical use cases.
- Countermeasures alignment: Countermeasures rely on rules, filters, and signatures to be effective. Intelligence provides advanced warning of specific cyber threats that countermeasures can address if properly configured. Using high-quality intelligence reduces false positives.
- Incident response (IR): The IR team can use threat intelligence to validate indicators that triggered alarms accelerating response time. The intelligence can provide valuable data about a cyber threat, its origin, behavior, and associated adversaries.
- SecOps: Threat intelligence can assist SecOps personnel in triaging SIEM alerts through the attachment of risk score tags. Threat intelligence systems can interface directly with the SIEM to automate alert prioritization.
- System hygiene: Patching systems is a significant effort for any organization and knowing what and when to patch can save precious resources, time, and budget. Most organizations operate on a patching backlog and prioritizing patching efforts allows you to focus on your most at-risk systems.
Building An Effective Cybersecurity Program 2nd edition – reviews
Is your business facing a cyber threat? How effective is your cybersecurity program? Hear what others have to say about Tari Schreider’s latest book:
“There is a myriad of cybersecurity books available these days. However, none like this. This book is the differentiator.”
“Schreider has decades of information security and risk management experience in numerous environments and industries. He brings that experience to every chapter in this valuable guide.”
“Adopting and applying the characteristics of a journey, Schreider guides the reader through the mileposts of building a cybersecurity program, start to finish. Even so, the book is organized so it can easily be used as a reference guide, providing detailed information for any point along the route. This book includes ample visual graphics to illustrate the complex ideas addressed in the text. These graphical representations help the reader to comprehend and retain the information presented. It should be noted that there are a large number of hyperlinks in this book. Many readers will find a digital copy with active hyperlinks most useful.”
“…a step-by-step guide with practical examples and a true roadmap for anyone who needs to build a cybersecurity program…”
“Schreider provides a detailed and real-world roadmap on how to create an effective information security program. He also brings his practical experience to every chapter, detailing what works and does not, the pros and cons of items suggested, and more… heavy on practical guidance.”