Book description
The business world faces an interesting paradox: although companies spend more money than ever on security solutions and protective technologies, breaches and other attacks continue to escalate. This raises the question: are we, as an industry, doing something wrong? With the increase in targeted cyberattacks, rising risk levels, and high-impact consequences, it's more important than ever to be able to answer that question.
In this report, Christopher Frenz and Jonathan Reiber show CISOs, security directors, and security managers how to transform security from an artform to a science, with evidence-based solutions leading the way. You'll learn how to operationalize the MITRE ATT&CK framework and enable your team to produce actionable results and meaningful metrics, and measurably improve your security posture.
With this report, you'll learn:
- Why more security doesn't always provide more protection, and why compliance alone cannot guarantee security
- Ways to justify security spend through proven results
- How to use an evidence-based security framework, mapping TTPs with the MITRE ATT&CK knowledge base
- The advantages of automating breach and attack simulations, especially as a tool for continuous validation
- Evidence-based security metrics that matter, including actionable KPIs for different stakeholders in your organization
About the authors:
Christopher Frenz is the associate vice president of IT security for Mount Sinai South Nassau.
Jonathan Reiber is vice president for cybersecurity strategy and policy at the cybersecurity startup AttackIQ.
Product information
- Title: Evidence-Based Security
- Author(s):
- Release date: May 2023
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781098148935
You might also like
book
Aligning Security Operations with the MITRE ATT&CK Framework
Align your SOC with the ATT&CK framework and follow practical examples for successful implementation Purchase of …
audiobook
Difficult Conversations
You have to talk with a colleague about a fraught situation, but you're worried that they'll …
book
Cybersecurity and Third-Party Risk
STRENGTHEN THE WEAKEST LINKS IN YOUR CYBERSECURITY CHAIN Across the world, the networks of hundreds of …
book
Ransomware and Cyber Extortion: Response and Prevention
Protect Your Organization from Devastating Ransomware and Cyber Extortion Attacks Ransomware and other cyber extortion crimes …