Adversarial Tradecraft in Cybersecurity. Offense versus defense in real-time computer conflict

Dan Borges

Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.This audiobook contains two subsections in each chapter, specifically focusing on the offensive and defensive teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.Throughout this audiobook, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors’ motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will learn how to gain an advantage through advanced research and thoughtfully concluding an operation.By the end of this audiobook, you will have achieved a solid understanding of cyberattacks from both an attacker’s and a defender’s perspective.

Bezpiecznie już było. Jak żyć w świecie sieci, terrorystów i ciągłej niepewności

  XXI wiek wszystkich strachów   W roku 1989 pożegnaliśmy komunizm i - nie wiedząc wtedy jeszcze o tym - powitaliśmy niepewność jutra. Zniknęły gwarancje zatrudnienia, jako społeczeństwo odbyliśmy przyspieszony kurs ekonomicznej samodzielności. Do NATO wkraczaliśmy z kilkunastoprocentowym bezrobociem i wielką rzeszą ludzi żyjących poniżej progu ubóstwa, ale gdzieś na niezbyt odległym horyzoncie pojawiła się już perspektywa wstąpienia do Unii Europejskiej i nadzieja na otwarcie się zagranicznych rynków na polskich pracowników. Później w dalekim Nowym Jorku w zamachu terrorystycznym runęły dwie wieże World Trade Center. To nas przeraziło, ale terroryści z turbanami na głowach byli dla nas tak odlegli jak - nie przymierzając - kosmici. Na naszym kontynencie był spokój, a w naszym kraju czuliśmy się szczególnie bezpiecznie, uznając, że to peryferia Zachodu. O, czyżby? Drugie dziesięciolecie obecnego wieku wytrąciło nas ze strefy komfortu. Za wschodnią granicą wybuchła regularna, choć oficjalnie niewypowiedziana wojna. Terroryści wyprowadzili się z odległego Iraku i Afganistanu, wybierając zamiast nich obiecaną ziemię Europy. Dziś już raz po raz natykamy się w internecie na cybernetyczne potyczki sterowanych sieciowych trolli. Z tsunami fake newsów coraz trudniej wyłowić rzetelne informacje... Czego naprawdę należy się bać? Czy będziemy obiektem ataku terrorystycznego? Czy polską ziemię mogą rozjechać rosyjskie czołgi? A może lepiej zamknąć oczy na politykę i zwyczajnie pilnować kursu franka, bo tym, co najbardziej zagraża naszemu bezpieczeństwu, są wahania wartości szwajcarskiej waluty? Jak żyć w świecie, który nieprędko (jeśli kiedykolwiek) znów będzie względnie bezpieczny, i nie dać się zwariować?   Co nam zagraża? Jak żyć bezpiecznie w sieciowej rzeczywistości? Jaka jest hierarchia potrzeb człowieka w świecie ciągłej niepewności? Odpowiedź na te fundamentalne pytania stanowi treść bogatej w fakty i przemyślenia książki Pauliny i Romana Polko. Napisana barwnym językiem, w sposób niezwykle przystępny tłumaczy czytelnikowi zawiłości i fenomeny współczesnego świata: konsekwencje migracji, terroryzmu, globalnego ocieplenia; zagadnienia wojen informacyjnych i cyberbezpieczeństwa, rywalizacji o zasoby i surowce naturalne. Nie zapomina przy tym o wyzwaniach bardziej tradycyjnych, związanych z konfliktami zbrojnymi i ekspansją terytorialną, współzawodnictwem ekonomicznym czy też przesuwaniem się ciężkości świata w kierunku Dalekiego Wschodu. Ciekawa, barwna i pełna szczegółów opowieść o bezpieczeństwie Polski i świata w XXI wieku. Nieszablonowa, obalająca stereotypy i polityczne mistyfikacje; pozwalająca zrozumieć wyzwania przyszłości, a nie rozpamiętywać przeszłe konflikty. Lektura obowiązkowa nie tylko dla zainteresowanych sprawami międzynarodowymi w naszym kraju. Aleksander Kwaśniewski, Prezydent RP w latach 1995-2005  

Building a Cyber Resilient Business. A cyber handbook for executives and boards

Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran

With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment.This audiobook demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO).The audiobook equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The audiobook also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required.With this audiobook, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.

Cloud Auditing Best Practices. Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans

Shinesa Cambric, Michael Ratemo

As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn?Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this audiobook will get you up to speed with cloud auditing before you know it.After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more.You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools.By the end of this audiobook, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.

Cloud Identity Patterns and Strategies. Design enterprise cloud identity models with OAuth 2.0 and Azure Active Directory

Giuseppe Di Federico, Fabrizio Barcaroli

Identity is paramount for every architecture design, making it crucial for enterprise and solutions architects to understand the benefits and pitfalls of implementing identity patterns. However, information on cloud identity patterns is generally scattered across different sources and rarely approached from an architect’s perspective, and this is what Cloud Identity Patterns and Strategies aims to solve, empowering solutions architects to take an active part in implementing identity solutions.Throughout this audiobook, you’ll cover various theoretical topics along with practical examples that follow the implementation of a standard de facto identity provider (IdP) in an enterprise, such as Azure Active Directory. As you progress through the chapters, you’ll explore the different factors that contribute to an enterprise's current status quo around identities and harness modern authentication approaches to meet specific requirements of an enterprise. You’ll also be able to make sense of how modern application designs are impacted by the company’s choices and move on to recognize how a healthy organization tackles identity and critical tasks that the development teams pivot on.By the end of this audiobook, you’ll be able to breeze through creating portable, robust, and reliable applications that can interact with each other.

Cyber Warfare - Truth, Tactics, and Strategies. Strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare

The era of cyber warfare is now upon us. What we do now and how we determine what we will do in the future is the difference between whether our businesses live or die and whether our digital self survives the digital battlefield. Cyber Warfare – Truth, Tactics, and Strategies takes you on a journey through the myriad of cyber attacks and threats that are present in a world powered by AI, big data, autonomous vehicles, drones video, and social media.Dr. Chase Cunningham uses his military background to provide you with a unique perspective on cyber security and warfare. Moving away from a reactive stance to one that is forward-looking, he aims to prepare people and organizations to better defend themselves in a world where there are no borders or perimeters. He demonstrates how the cyber landscape is growing infinitely more complex and is continuously evolving at the speed of light.The audiobook not only covers cyber warfare, but it also looks at the political, cultural, and geographical influences that pertain to these attack methods and helps you understand the motivation and impacts that are likely in each scenario.Cyber Warfare – Truth, Tactics, and Strategies is as real-life and up-to-date as cyber can possibly be, with examples of actual attacks and defense techniques, tools. and strategies presented for you to learn how to think about defending your own systems and data.

Cybersecurity and Privacy Law Handbook. A beginner's guide to dealing with privacy and security while keeping hackers at bay

Walter Rocchi

Cybercriminals are incessantly coming up with new ways to compromise online systems and wreak havoc, creating an ever-growing need for cybersecurity practitioners in every organization across the globe who understand international security standards, such as the ISO27k family of standards.If you’re looking to ensure that your company's data conforms to these standards, Cybersecurity and Privacy Law Handbook has got you covered. It'll not only equip you with the rudiments of cybersecurity but also guide you through privacy laws and explain how you can ensure compliance to protect yourself from cybercrime and avoid the hefty fines imposed for non-compliance with standards.Assuming that you're new to the field, this book starts by introducing cybersecurity frameworks and concepts used throughout the chapters. You'll understand why privacy is paramount and how to find the security gaps in your company's systems. There's a practical element to the book as well—you'll prepare policies and procedures to prevent your company from being breached. You’ll complete your learning journey by exploring cloud security and the complex nature of privacy laws in the US.By the end of this cybersecurity book, you'll be well-placed to protect your company's data and comply with the relevant standards.

Cybersecurity Leadership Demystified. A comprehensive guide to becoming a world-class modern cybersecurity leader and global CISO

Dr. Erdal Ozkaya

The chief information security officer (CISO) is responsible for an organization's information and data security. The CISO's role is challenging as it demands a solid technical foundation as well as effective communication skills. This audiobook is for busy cybersecurity leaders and executives looking to gain deep insights into the domains important for becoming a competent cybersecurity leader.The audiobook begins by introducing you to the CISO's role, where you'll learn key definitions, explore the responsibilities involved, and understand how you can become an efficient CISO. You'll then be taken through end-to-end security operations and compliance standards to help you get to grips with the security landscape. In order to be a good leader, you'll need a good team. This book guides you in building your dream team by familiarizing you with HR management, documentation, and stakeholder onboarding. Despite taking all that care, you might still fall prey to cyber attacks; this audiobook will show you how to quickly respond to an incident to help your organization minimize losses, decrease vulnerabilities, and rebuild services and processes. Finally, you'll explore other key CISO skills that'll help you communicate at both senior and operational levels.By the end of this audiobook, you'll have gained a complete understanding of the CISO's role and be ready to advance your career.