امنیت حفاظتی: ایجاد دفاعهای نظامی برای کسبوکار دیجیتال شما
Protective Security : Creating Military-Grade Defenses for Your Digital Business
معرفی کتاب «امنیت حفاظتی: ایجاد دفاعهای نظامی برای کسبوکار دیجیتال شما» (با عنوان لاتین Protective Security : Creating Military-Grade Defenses for Your Digital Business) نوشتهٔ Jim Seaman (auth.)، منتشرشده توسط نشر Apress : Imprint: Apress در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This book shows you how military counter-intelligence principles and objectives are applied. It provides you with valuable advice and guidance to help your business understand threat vectors and the measures needed to reduce the risks and impacts to your organization. You will know how business-critical assets are compromised: cyberattack, data breach, system outage, pandemic, natural disaster, and many more. Rather than being compliance-concentric, this book focuses on how your business can identify the assets that are most valuable to your organization and the threat vectors associated with these assets. You will learn how to apply appropriate mitigation controls to reduce the risks within suitable tolerances. You will gain a comprehensive understanding of the value that effective protective security provides and how to develop an effective strategy for your type of business. What You Will Learn Take a deep dive into legal and regulatory perspectives and how an effective protective security strategy can help fulfill these ever-changing requirements Know where compliance fits into a company-wide protective security strategy Secure your digital footprint Build effective 5 D network architectures: Defend, detect, delay, disrupt, deter Secure manufacturing environments to balance a minimal impact on productivity Securing your supply chains and the measures needed to ensure that risks are minimized Who This Book Is For Business owners, C-suite, information security practitioners, CISOs, cybersecurity practitioners, risk managers, IT operations managers, IT auditors, and military enthusiasts Table of Contents......Page 5 About the Author......Page 17 About the Technical Reviewer......Page 18 Tribute To......Page 19 Acknowledgments......Page 27 Chapter 1: Introduction......Page 28 Background......Page 29 Hackmageddon Statistics (as depicted in Figures 1-3 to 1-9)......Page 30 Fintech News Statistics......Page 34 14 Most Alarming Cybersecurity Statistics in 2020......Page 35 Inspiration for This Book......Page 37 In Defense of the Crown......Page 41 Modern-Day Protective Security......Page 43 Transitioning from Military Service......Page 45 And Finally.........Page 49 Key Takeaways......Page 52 Chapter 2: What Is Protective Security (PS)?......Page 54 Introduction......Page 55 Military Example......Page 56 Traditional Approach to Business Security......Page 65 Protective Security......Page 66 Business Context......Page 68 Military Example......Page 69 Risk and Resilience Profile......Page 70 Military Comparison......Page 72 Identify and Isolate......Page 74 Military Example......Page 76 Detect Anomalies......Page 77 Military Example......Page 80 Govern Processes......Page 85 Military Example......Page 87 Evaluate Security Controls......Page 88 Military Example......Page 89 Survive to Operate......Page 90 Military Example......Page 95 Protective Security Ten Key Principles......Page 99 Reality Bites......Page 101 Key Takeaways......Page 102 Chapter 3: Protective Security (PS) in terms of the Legal and Regulatory Considerations for the Digital Business......Page 104 Introduction......Page 105 Military Example......Page 108 The Advantages of a Digital Workplace......Page 110 With Great Power Comes Great Responsibility......Page 112 Embrace the Good: Reputation Is Everything......Page 114 A Health and Safety (H&S) Approach to Protective Security......Page 115 Data Privacy and Protection: Setting Your Moral Compass......Page 121 Focus on the Use of Personal Data......Page 129 Power to the People......Page 134 Key Takeaways......Page 137 Chapter 4: The Integration of Compliance with Protective Security (PS)......Page 138 Introduction......Page 139 Military Example......Page 143 The Value of Standardization......Page 147 General......Page 149 Cyber/Information Security......Page 150 Department of Defense Instruction (DoDI) and Committee on National Security Systems (CNSSI)......Page 151 Financial......Page 152 NIST Framework......Page 153 Process Control and Supervisory Control and Data Acquisition (SCADA)......Page 154 Transportation......Page 155 Building BRIDGES......Page 156 Survive to Operate......Page 157 Standardization: A Valuable Lesson from Australian History......Page 158 Supporting Business Health......Page 159 Supply Chain Health Checks......Page 164 Supplier Chain Management Best Practices......Page 167 Supplier Selection......Page 168 Scenario......Page 171 Risk Analysis......Page 173 Risk......Page 177 Summary of Simulation Results......Page 178 Reality Bites......Page 179 Key Takeaways......Page 180 Chapter 5: Developing a Protective Security Strategy......Page 181 Introduction......Page 182 Components of an Effective Strategy......Page 184 Priority 1: Asset Management......Page 186 Priority 2: Risk Management......Page 193 Priority 3: Vulnerability and Impact Management......Page 195 Priority 5: Security Information and Event Management......Page 200 Military Comparison......Page 201 Building BRIDGES......Page 204 Business Context......Page 206 Terrorism......Page 208 Espionage......Page 209 Organized Crime......Page 210 Other Nontraditional Threats......Page 211 An Example Evaluation of the Canadian Sales Office......Page 212 Identify and Isolate......Page 221 Govern Processes......Page 224 Evaluate Security Controls......Page 226 Survive to Operate......Page 227 To Certify or Not to Certify – That Is the Question?......Page 228 Reality Bites......Page 234 Key Takeaways......Page 236 Chapter 6: Cyber Security and the Digital Business......Page 238 Cyber Security Definitions......Page 241 IT Security Definitions......Page 243 Cyber Resilience Definitions......Page 244 Definition of Security......Page 245 Military Comparison......Page 249 Building BRIDGES......Page 260 Business Context......Page 261 Risk and Resilience......Page 267 Identify and Isolate......Page 273 Detect Anomalies......Page 285 Govern Processes......Page 287 Evaluate Security Controls......Page 289 Survive to Operate......Page 291 Reality Bites......Page 292 Key Takeaways......Page 293 Chapter 7: Network/IT Security in Protective Security (PS)......Page 295 Introduction......Page 296 Military Comparison......Page 302 Designing a Secure Network Architecture......Page 312 Wireless Networks......Page 322 Business Context......Page 323 Identify and Isolate......Page 324 Detect Anomalies......Page 328 Endpoint Protection......Page 329 Network Protection......Page 331 Govern Processes......Page 338 Evaluate Security Controls......Page 339 Survive to Operate......Page 342 Reality Bites......Page 343 Key Takeaways......Page 345 Chapter 8: Information Systems Security......Page 347 What Is an Information System?......Page 348 Military Comparison......Page 349 Security of Network and Information Systems......Page 356 Business Context......Page 368 Identify and Isolate......Page 369 Detect Anomalies......Page 370 Govern Processes......Page 371 Survive to Operate......Page 374 Reality Bites......Page 375 API Security Top 10 2019......Page 376 Key Takeaways......Page 378 Introduction......Page 380 The Military Matrix Model......Page 384 Operational Requirements......Page 394 OR CCTV Template......Page 395 Level 2 OR......Page 396 Perimeter Fence Line Survey......Page 398 CCTV Security Survey......Page 407 Telecommunications Electronics Materials Protected from Emanating Spurious Transmissions (TEMPEST)......Page 412 Risk and Resilience......Page 414 Identify and Isolate......Page 416 Govern Processes......Page 417 Evaluate Security Controls......Page 418 Reality Bites......Page 419 Key Takeaways......Page 421 Chapter 10: Industrial Systems Protective Security......Page 423 Introduction......Page 424 The Industrial Revolution......Page 426 Moore’s Law......Page 428 Military Comparison......Page 429 Manufacturing Your Secure Environments......Page 433 Establishing the Baseline......Page 438 Business Context......Page 449 Risk and Resilience......Page 451 Identify and Isolate......Page 453 Govern Processes......Page 454 Evaluate Security Controls......Page 455 Reality Bites......Page 456 Key Takeaways......Page 458 Chapter 11: Securing Your Supply Chain......Page 461 Introduction......Page 462 Strengthening Your Supply Chain Links......Page 467 Supply Chain Attack Vectors......Page 472 Assessing Your Supply Chain Security Links......Page 477 Building BRIDGES......Page 485 Risk and Resilience......Page 486 Detect Anomalies......Page 489 Evaluate Security Controls......Page 490 Survive to Operate......Page 494 Military Comparison......Page 495 Reality Bites......Page 502 Key Takeaways......Page 506 Chapter 12: Developing Your Human Firewall......Page 508 Introduction......Page 509 Human Firewall......Page 511 The Psychology of Protective Security......Page 515 Configuring Your “Human Firewalls”......Page 517 Selling Protective Security......Page 519 Military Comparison......Page 524 Building BRIDGES......Page 535 Identify and Isolate......Page 536 Detect Anomalies......Page 537 Govern Processes......Page 538 Survive to Operate......Page 539 Reality Bites......Page 540 Key Takeaways......Page 543 Chapter 13: Strict Access Restrictions......Page 545 Introduction......Page 546 Background......Page 547 Defending from the Enemy at Your Gates......Page 553 Securing Backend Operations......Page 554 Account Management......Page 555 Frontend Operations......Page 558 Two/Multifactor/Strong Customer Authentication......Page 563 Military Comparison......Page 565 Building BRIDGES......Page 570 Risk and Resilience......Page 571 Identify and Isolate......Page 572 Survive to Operate......Page 573 Reality Bites......Page 574 Key Takeaways......Page 579 Chapter 14: Building Resilience......Page 581 Article 32......Page 582 European Union Directive on Security of Network and Information Systems (EU NIS Directive)......Page 583 United States Protective Security Advisor Program......Page 584 Robust ICT Systems......Page 585 Business Continuity Management......Page 586 What Is Resilience?......Page 587 What Is Involved in Building Resilience?......Page 588 The Resilience Building Blocks......Page 589 Asset Definition and Management (ADM)......Page 590 Risk Management (RISK)......Page 592 Vulnerability Analysis and Resolution (VAR)......Page 595 Access Management (AM)......Page 597 Monitoring (MON)......Page 599 Incident Management and Control (IMC)......Page 603 Military Comparison......Page 609 Lessons Learned from World War 2......Page 624 Business Context......Page 627 Evaluate Security Controls......Page 628 Reality Bites......Page 629 Key Takeaways......Page 631 Chapter 15: Demonstrating the Protective Security Return on Investment (ROI)......Page 633 Introduction......Page 636 Creating the Business Case......Page 640 Making the Invisible Visible......Page 641 Military Comparison......Page 642 Risk and Resilience......Page 650 Govern Processes......Page 652 Survive to Operate......Page 653 Reality Bites......Page 654 Key Takeaways......Page 656 Introduction......Page 658 Dictionary Definition1......Page 659 Life Before a Career in Protective Security......Page 660 Basic Training......Page 668 Driver Training......Page 674 RAF Police Training......Page 676 Blue Phase......Page 677 Green Phase......Page 678 Commencing a Career in Protective Security......Page 685 High-Profile Dog Patrol for the President of the United States......Page 689 First Overseas Deployment: RAF Mount Pleasant, Falkland Islands......Page 690 Continuing My Career in Protective Security......Page 708 1989......Page 727 2001......Page 728 2005......Page 729 2006......Page 730 2008......Page 731 2008–2012......Page 732 2014......Page 733 Summary......Page 734 Business Context......Page 735 Risk Management......Page 736 Identify and Isolate......Page 738 Detect Anomalies......Page 740 Govern Process......Page 741 Evaluate Security Controls......Page 742 Cybersecurity......Page 743 Crime......Page 745 Military and Warfare......Page 746 Index......Page 748 Chapter 1: Introduction -- Chapter 2: What is Protective Security (PS)? -- Chapter 3: Protective Security (PS) in terms of the Legal and Regulatory Considerations for the Digital Business -- Chapter 4: The Integration of Compliance with Protection Security(PS) -- Chapter 5: Developing a Protective Security Strategy -- Chapter 6: Cyber Security and the Digital Business -- Chapter 7: Network/IT Security in Protective Security (PS) -- Chapter 8: Information Systems Security -- Chapter 9: Physical Security -- Chapter 10: Industrial Systems Protective Security -- Chapter 11: Securing Your Supply Chain -- Chapter 12: Developing Your Human Firewall -- Chapter 13: Strict Access Restrictions -- Chapter 14: Building Resilience -- Chapter 15: Demonstrating the Protective Security Return on Investment (ROI) -- Appendix A: A Lifetime in Protective Security -- Appendix B: A Chronology of Protective Security Development "This book shows you how military counter-intelligence principles and objectives are applied. It provides you with valuable advice and guidance to help your business understand threat vectors and the measures needed to reduce the risks and impacts to your organization. You will know how business-critical assets are compromised: cyberattack, data breach, system outage, pandemic, natural disaster, and many more. Rather than being compliance-concentric, this book focuses on how your business can identify the assets that are most valuable to your organization and the threat vectors associated with these assets. You will learn how to apply appropriate mitigation controls to reduce the risks within suitable tolerances. You will gain a comprehensive understanding of the value that effective protective security provides and how to develop an effective strategy for your type of business."-- Back cover
دانلود کتاب امنیت حفاظتی: ایجاد دفاعهای نظامی برای کسبوکار دیجیتال شما