CRITICAL SECURITY CONTROLS FOR EFFECTIVE CYBER DEFENSE : a comprehensive guide to cis 18 controls
معرفی کتاب «CRITICAL SECURITY CONTROLS FOR EFFECTIVE CYBER DEFENSE : a comprehensive guide to cis 18 controls» نوشتهٔ Dr. Jason Edwards، منتشرشده توسط نشر Apress L. P. در سال 2024. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This book is an essential guide for IT professionals, cybersecurity experts, and organizational leaders navigating the complex realm of cyber defense. It offers an in-depth analysis of the Critical Security Controls for Effective Cyber Defense, known as the CIS 18 Controls, which are vital actions for protecting organizations against prevalent cyber threats. The core of the book is an exhaustive examination of each CIS 18 Control. Developed by the Center for Internet Security (CIS), these controls are the benchmark in cybersecurity, crafted to counteract the most common and impactful cyber threats. The book breaks down these controls into comprehensible segments, explaining their implementation, management, and effectiveness. This detailed approach is crucial in the context of the digital era's evolving cyber threats, heightened by the rise in remote work and cloud-based technologies. The book's relevance is magnified by its focus on contemporary challenges, offering strategies to strengthen cyber defenses in a fast-paced digital world. What You Will Learn Implementation Strategies: Learn detailed strategies for implementing each of the CIS 18 Controls within your organization. The book provides step-by-step guidance and practical insights to help you integrate these controls effectively, ensuring that your cyber defenses are robust and resilient. Risk Mitigation Techniques: Discover how to identify and mitigate risks associated with failing to implement these controls. By understanding the potential consequences of neglecting each control, you can prioritize actions that protect your organization from the most significant threats. Actionable Recommendations: Access practical, actionable recommendations for managing and maintaining these controls. The book offers clear and concise advice on how to continuously improve your cybersecurity measures, adapting to evolving cyber threats and organizational needs to ensure long-term protection. Training and Simplification: Explore recommended training programs and simplified security control measures that can be tailored to fit the specific needs and challenges of your business environment. This section emphasizes the importance of ongoing education and streamlined processes to enhance your organization's overall cybersecurity readiness. Importance and Relevance: Understand the importance and relevance of each CIS 18 Control in the context of contemporary cybersecurity challenges. Learn why these controls are crucial for safeguarding your organization against the most prevalent cyber threats. Key Concepts and Terms: Familiarize yourself with the key concepts and terms associated with each CIS 18 Control. This foundational knowledge will help you communicate more effectively with stakeholders and ensure a common understanding of cybersecurity principles. Questions to Ask: Discover the critical questions you should ask when assessing your organization’s implementation of each control. These questions will guide your evaluation and help identify areas for improvement. Who This Book Is For IT and cybersecurity professionals, business leaders and executives, small business owners and managers, students and academics in cybersecurity fields, government and on-profit sector professionals, and cybersecurity consultants and trainers Table of Contents About the Author Acknowledgments Introduction to the Center for Internet Security (CIS) Controls Chapter 1: Inventory and Control of Enterprise (Hardware) Assets Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 2: Inventory and Control of Software Assets Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 3: Data Protection Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 4: Secure Configuration of Enterprise Assets and Software Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 5: Account Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 6: Access Control Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 7: Continuous Vulnerability Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 8: Audit Log Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 9: Email and Browser Protections Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 10: Malware Defenses Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 11: Data Recovery Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 12: Network Infrastructure Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 13: Network Monitoring and Defense Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 14: Security Awareness and Skills Training Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 15: Service Provider Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 16: Application Software Security Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 17: Incident Response Management Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Chapter 18: Penetration Testing Key Concepts and Terms Importance and Relevance Risks of Not Implementing the Control What Questions Should You Ask? Recommended Training Actionable Recommendations Simplified Security Controls (SSC) Index
دانلود کتاب CRITICAL SECURITY CONTROLS FOR EFFECTIVE CYBER DEFENSE : a comprehensive guide to cis 18 controls