Cybersecurity First Principles: A Reboot of Strategy and Tactics

Book description

The first expert discussion of the foundations of cybersecurity

In Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior Fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles. The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.

In the book, you'll explore:

  • Infosec history from the 1960s until the early 2020s and why it has largely failed
  • What the infosec community should be trying to achieve instead
  • The arguments for the absolute and atomic cybersecurity first principle
  • The strategies and tactics to adopt that will have the greatest impact in pursuing the ultimate first principle
  • Case studies through a first principle lens of the 2015 OPM hack, the 2016 DNC hack, the 2019 Colonial Pipeline hack, and the Netflix Chaos Monkey resilience program
  • A top-to-bottom explanation of how to calculate cyber risk for two different kinds of companies

This book is perfect for cybersecurity professionals at all levels: business executives and senior security professionals, mid-level practitioner veterans, newbies coming out of school as well as career-changers seeking better career opportunities, teachers, and students.

Table of contents

  1. Cover
  2. Title Page
  3. Who We Are
    1. Foreword
  4. Introduction
    1. Who Is This Book For?
    2. What the Book Covers
    3. Writing Conventions
    4. Road Map
  5. 1 First Principles
    1. Overview
    2. What Are First Principles?
    3. What Is the Atomic Cybersecurity First Principle?
    4. Conclusion
    5. Notes
  6. 2 Strategies
    1. Overview
    2. Strategies vs. Tactics
    3. What Are the Essential Strategies Required for a First Principle Infosec Program?
    4. Zero Trust Strategy Overview
    5. Intrusion Kill Chain Prevention Strategy Overview
    6. Resilience Strategy Overview
    7. Risk Forecasting Strategy Overview
    8. Automation Strategy Overview
    9. Conclusion
    10. Notes
  7. 3 Zero Trust
    1. Overview
    2. The Use Case for Zero Trust: Edward Snowden
    3. Zero Trust: Overhyped in the Market but…
    4. Cyber Hygiene, Defense in Depth, and Perimeter Defense: Zero Trust Before We Had Zero Trust
    5. Zero Trust Is Born
    6. Zero Trust Is a Philosophy, Not a Product
    7. Meat‐and‐Potatoes Zero Trust
    8. Logical and Micro Segmentation
    9. Vulnerability Management: A Zero Trust Tactic
    10. Software Bill of Materials: A Zero Trust Tactic
    11. Identity Management: A Tactic for Zero Trust
    12. Single Sign‐On: A Zero Trust Tactic
    13. Two‐Factor Authentication: A Tactic for Zero Trust
    14. Software‐Defined Perimeter: A Tactic for Zero Trust
    15. Why Zero Trust Projects Fail
    16. Conclusion
    17. Notes
  8. 4 Intrusion Kill Chain Prevention
    1. Overview
    2. The Beginnings of a New Idea
    3. The Lockheed Martin Kill Chain Paper
    4. Kill Chain Models
    5. Cyber Threat Intelligence Operations As a Journey
    6. Red/Blue/Purple Team Operations: A Tactic for Intrusion Kill Chain Prevention
    7. Intelligence Sharing: A Tactic for Intrusion Kill Chain Prevention
    8. Conclusion
    9. Notes
  9. 5 Resilience
    1. Overview
    2. What Is Resilience?
    3. Crisis Handling: A Tactic for Resilience
    4. Backups: A Tactic for Resilience
    5. Encryption: A Tactic for Resilience
    6. Incident Response: A Tactic for Resilience
    7. Conclusion
    8. Notes
  10. 6 Risk Forecasting
    1. Overview
    2. Superforecasting, Fermi Estimates, and Black Swans
    3. Bayes Rule: A Different Way to Think About Cybersecurity Risk
    4. Risk Forecasting with the Bayes Rule: A Practical Example
    5. Conclusion
    6. Notes
  11. 7 Automation
    1. Overview
    2. Why Security Automation Is Essential
    3. Early History of Software Development Philosophies
    4. DevSecOps: An Essential Tactic for Automation
    5. Compliance: A First Principle Tactic That Cuts Across All Strategies
    6. Chaos Engineering for Automation and Resilience
    7. Conclusion
    8. Notes
  12. 8 Summation
    1. Overview
    2. Zero Trust
    3. Conclusion
  13. Index
  14. Copyright
  15. Dedication
  16. About the Authors
  17. About the Technical Editors
  18. Acknowledgments
  19. End User License Agreement

Product information

  • Title: Cybersecurity First Principles: A Reboot of Strategy and Tactics
  • Author(s): Rick Howard
  • Release date: April 2023
  • Publisher(s): Wiley
  • ISBN: 9781394173082