Project Zero Trust

Author: George Finney
Publisher: John Wiley & Sons
ISBN: 1119884861
Category : Computers
Languages : en
Pages : 221

Book Description
Implement Zero Trust initiatives efficiently and effectively In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, Chief Security Officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT Security Director. Readers will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach. They'll also find: Concrete strategies for aligning your security practices with the business Common myths and pitfalls when implementing Zero Trust and how to implement it in a cloud environment Strategies for preventing breaches that encourage efficiency and cost reduction in your company's security practices Project Zero Trust is an ideal resource for aspiring technology professionals, as well as experienced IT leaders, network engineers, system admins, and project managers who are interested in or expected to implement zero trust initiatives.

Well Aware

Author: George Finney
Publisher: Greenleaf Book Group
ISBN: 1626347379
Category : Business & Economics
Languages : en
Pages : 241

Book Description
Key Strategies to Safeguard Your Future Well Aware offers a timely take on the leadership issues that businesses face when it comes to the threat of hacking. Finney argues that cybersecurity is not a technology problem; it’s a people problem. Cybersecurity should be understood as a series of nine habits that should be mastered—literacy, skepticism, vigilance, secrecy, culture, diligence, community, mirroring, and deception—drawn from knowledge the author has acquired during two decades of experience in cybersecurity. By implementing these habits and changing our behaviors, we can combat most security problems. This book examines our security challenges using lessons learned from psychology, neuroscience, history, and economics. Business leaders will learn to harness effective cybersecurity techniques in their businesses as well as their everyday lives.

Zero Trust Security

Author: NIKE. ANDRAVOUS
Publisher:
ISBN: 9789355512512
Category :
Languages : en
Pages : 262

Book Description
This book delves into the complexities of business settings. It covers the practical guidelines and requirements your security team will need to design and execute a zero-trust journey while maximizing the value of your current enterprise security architecture. The goal of Zero Trust is to radically alter the underlying concept and approach to enterprise security, moving away from old and clearly unsuccessful perimeter-centric techniques and toward a dynamic, identity-centric, and policy-based approach. This book helps the readers to earn about IPS, IDS, and IDPS, along with their varieties and comparing them. It also covers Virtual Private Networks, types of VPNs.and also to understand how zero trust and VPN work together By the completion of the book, you will be able to build a credible and defensible Zero Trust security architecture for your business, as well as implement a step-by-step process that will result in considerably better security and streamlined operations. TABLE OF CONTENTS 1. Introduction to Enterprise Security 2. Get to Know Zero Trust 3. Architectures With Zero Trust 4. Zero Trust in Practice 5. Identity and Access Management (IAM) 6. Network Infrastructure 7. Network Access Control 8. Intrusion Detection and Prevention Systems 9. Virtual Private Networks 10. Next-Generation Firewalls 11. Security Operations 12. Privileged Access Management (PAM) 13. Data Protection 14. Infrastructure and Platform as a Service 15.Software as a Service (SaaS) 16. IoT Devices 17. A Policy of Zero Trust 18. Zero Trust Scenarios 19. Creating a Successful Zero Trust Environment

Zero Trust Networks

Author: Evan Gilman
Publisher: "O'Reilly Media, Inc."
ISBN: 149196216X
Category : Computers
Languages : en
Pages : 240

Book Description
The perimeter defenses guarding your network perhaps are not as secure as you think. Hosts behind the firewall have no defenses of their own, so when a host in the "trusted" zone is breached, access to your data center is not far behind. That’s an all-too-familiar scenario today. With this practical book, you’ll learn the principles behind zero trust architecture, along with details necessary to implement it. The Zero Trust Model treats all hosts as if they’re internet-facing, and considers the entire network to be compromised and hostile. By taking this approach, you’ll focus on building strong authentication, authorization, and encryption throughout, while providing compartmentalized access and better operational agility. Understand how perimeter-based defenses have evolved to become the broken model we use today Explore two case studies of zero trust in production networks on the client side (Google) and on the server side (PagerDuty) Get example configuration for open source tools that you can use to build a zero trust network Learn how to migrate from a perimeter-based network to a zero trust network in production

You CAN Stop Stupid

Author: Ira Winkler
Publisher: John Wiley & Sons
ISBN: 1119621984
Category : Business & Economics
Languages : en
Pages : 368

Book Description
Stopping Losses from Accidental and Malicious Actions Around the world, users cost organizations billions of dollars due to simple errors and malicious actions. They believe that there is some deficiency in the users. In response, organizations believe that they have to improve their awareness efforts and making more secure users. This is like saying that coalmines should get healthier canaries. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that. It takes a holistic approach to assessing risk combined with technical defenses and countermeasures layered with a security culture and continuous improvement. Only with this kind of defense in depth can organizations hope to prevent the worst of the cybersecurity breaches and other user-initiated losses. Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, Ira Winkler and Dr. Tracy Celaya's You CAN Stop Stupid provides a methodology to analyze potential losses and determine appropriate countermeasures to implement. Minimize business losses associated with user failings Proactively plan to prevent and mitigate data breaches Optimize your security spending Cost justify your security and loss reduction efforts Improve your organization’s culture Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.

Zscaler Cloud Security Essentials

Author: Ravi Devarasetty
Publisher: Packt Publishing Ltd
ISBN: 1800567367
Category : Computers
Languages : en
Pages : 236

Book Description
Harness the capabilities of Zscaler to deliver a secure, cloud-based, scalable web proxy and provide a zero-trust network access solution for private enterprise application access to end users Key FeaturesGet up to speed with Zscaler without the need for expensive trainingImplement Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) security solutions with real-world deploymentsFind out how to choose the right options and features to architect a customized solution with ZscalerBook Description Many organizations are moving away from on-premises solutions to simplify administration and reduce expensive hardware upgrades. This book uses real-world examples of deployments to help you explore Zscaler, an information security platform that offers cloud-based security for both web traffic and private enterprise applications. You'll start by understanding how Zscaler was born in the cloud, how it evolved into a mature product, and how it continues to do so with the addition of sophisticated features that are necessary to stay ahead in today's corporate environment. The book then covers Zscaler Internet Access and Zscaler Private Access architectures in detail, before moving on to show you how to map future security requirements to ZIA features and transition your business applications to ZPA. As you make progress, you'll get to grips with all the essential features needed to architect a customized security solution and support it. Finally, you'll find out how to troubleshoot the newly implemented ZIA and ZPA solutions and make them work efficiently for your enterprise. By the end of this Zscaler book, you'll have developed the skills to design, deploy, implement, and support a customized Zscaler security solution. What you will learnUnderstand the need for Zscaler in the modern enterpriseStudy the fundamental architecture of the Zscaler cloudGet to grips with the essential features of ZIA and ZPAFind out how to architect a Zscaler solutionDiscover best practices for deploying and implementing Zscaler solutionsFamiliarize yourself with the tasks involved in the operational maintenance of the Zscaler solutionWho this book is for This book is for security engineers, security architects, security managers, and security operations specialists who may be involved in transitioning to or from Zscaler or want to learn about deployment, implementation, and support of a Zscaler solution. Anyone looking to step into the ever-expanding world of zero-trust network access using the Zscaler solution will also find this book useful.

The Art of Attack

Author: Maxie Reynolds
Publisher: John Wiley & Sons
ISBN: 1119805473
Category : Computers
Languages : en
Pages : 210

Book Description
Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker. The book shows you the laws of the mindset and the techniques attackers use, from persistence to “start with the end” strategies and non-linear thinking, that make them so dangerous. You’ll discover: A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques The unique tells and signs of an attack and how to avoid becoming a victim of one What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker.

Info We Trust

Author: RJ Andrews
Publisher: John Wiley & Sons
ISBN: 1119483905
Category : Computers
Languages : en
Pages : 343

Book Description
How do we create new ways of looking at the world? Join award-winning data storyteller RJ Andrews as he pushes beyond the usual how-to, and takes you on an adventure into the rich art of informing. Creating Info We Trust is a craft that puts the world into forms that are strong and true. It begins with maps, diagrams, and charts — but must push further than dry defaults to be truly effective. How do we attract attention? How can we offer audiences valuable experiences worth their time? How can we help people access complexity? Dark and mysterious, but full of potential, data is the raw material from which new understanding can emerge. Become a hero of the information age as you learn how to dip into the chaos of data and emerge with new understanding that can entertain, improve, and inspire. Whether you call the craft data storytelling, data visualization, data journalism, dashboard design, or infographic creation — what matters is that you are courageously confronting the chaos of it all in order to improve how people see the world. Info We Trust is written for everyone who straddles the domains of data and people: data visualization professionals, analysts, and all who are enthusiastic for seeing the world in new ways. This book draws from the entirety of human experience, quantitative and poetic. It teaches advanced techniques, such as visual metaphor and data transformations, in order to create more human presentations of data. It also shows how we can learn from print advertising, engineering, museum curation, and mythology archetypes. This human-centered approach works with machines to design information for people. Advance your understanding beyond by learning from a broad tradition of putting things “in formation” to create new and wonderful ways of opening our eyes to the world. Info We Trust takes a thoroughly original point of attack on the art of informing. It builds on decades of best practices and adds the creative enthusiasm of a world-class data storyteller. Info We Trust is lavishly illustrated with hundreds of original compositions designed to illuminate the craft, delight the reader, and inspire a generation of data storytellers.

The Unicorn Project

Author: Gene Kim
Publisher: IT Revolution
ISBN: 1942788770
Category : Business & Economics
Languages : en
Pages : 499

Book Description
The Phoenix Project wowed over a half-million readers. Now comes the Wall Street Journal Bestselling Wall Street Journal bestselling The Unicorn Project! “The Unicorn Project is amazing, and I loved it 100 times more than The Phoenix Project…”—FERNANDO CORNAGO, Senior Director Platform Engineering, Adidas “Gene Kim does a masterful job of showing how … the efforts of many create lasting business advantages for all.”—DR. STEVEN SPEAR, author of The High-Velocity Edge, Sr. Lecturer at MIT, and principal of HVE LLC. “The Unicorn Project is so clever, so good, so crazy enlightening!”––CORNELIA DAVIS, Vice President Of Technology at Pivotal Software, Inc., Author of Cloud Native Patterns This highly anticipated follow-up to the bestselling title The Phoenix Project takes another look at Parts Unlimited, this time from the perspective of software development. In The Unicorn Project, we follow Maxine, a senior lead developer and architect, as she is exiled to the Phoenix Project, to the horror of her friends and colleagues, as punishment for contributing to a payroll outage. She tries to survive in what feels like a heartless and uncaring bureaucracy and to work within a system where no one can get anything done without endless committees, paperwork, and approvals. One day, she is approached by a ragtag bunch of misfits who say they want to overthrow the existing order, to liberate developers, to bring joy back to technology work, and to enable the business to win in a time of digital disruption. To her surprise, she finds herself drawn ever further into this movement, eventually becoming one of the leaders of the Rebellion, which puts her in the crosshairs of some familiar and very dangerous enemies. The Age of Software is here, and another mass extinction event looms—this is a story about rebel developers and business leaders working together, racing against time to innovate, survive, and thrive in a time of unprecedented uncertainty...and opportunity. “The Unicorn Project provides insanely useful insights on how to improve your technology business.”—DOMINICA DEGRANDIS, author of Making Work Visible and Director of Digital Transformation at Tasktop ——— “My goal in writing The Unicorn Project was to explore and reveal the necessary but invisible structures required to make developers (and all engineers) productive, and reveal the devastating effects of technical debt and complexity. I hope this book can create common ground for technology and business leaders to leave the past behind, and co-create a better future together.”—Gene Kim, November 2019

The Cybersecurity Playbook

Author: Allison Cerra
Publisher: John Wiley & Sons
ISBN: 1119442192
Category : Business & Economics
Languages : en
Pages : 230

Book Description
The real-world guide to defeating hackers and keeping your business secure Many books discuss the technical underpinnings and complex configurations necessary for cybersecurity—but they fail to address the everyday steps that boards, managers, and employees can take to prevent attacks. The Cybersecurity Playbook is the step-by-step guide to protecting your organization from unknown threats and integrating good security habits into everyday business situations. This book provides clear guidance on how to identify weaknesses, assess possible threats, and implement effective policies. Recognizing that an organization’s security is only as strong as its weakest link, this book offers specific strategies for employees at every level. Drawing from her experience as CMO of one of the world’s largest cybersecurity companies, author Allison Cerra incorporates straightforward assessments, adaptable action plans, and many current examples to provide practical recommendations for cybersecurity policies. By demystifying cybersecurity and applying the central concepts to real-world business scenarios, this book will help you: Deploy cybersecurity measures using easy-to-follow methods and proven techniques Develop a practical security plan tailor-made for your specific needs Incorporate vital security practices into your everyday workflow quickly and efficiently The ever-increasing connectivity of modern organizations, and their heavy use of cloud-based solutions present unique challenges: data breaches, malicious software infections, and cyberattacks have become commonplace and costly to organizations worldwide. The Cybersecurity Playbook is the invaluable guide to identifying security gaps, getting buy-in from the top, promoting effective daily security routines, and safeguarding vital resources. Strong cybersecurity is no longer the sole responsibility of IT departments, but that of every executive, manager, and employee.