Building an Intelligence-Led Security Program
Understand strategic methods for planning and implementing an Intelligence-Led Information Security program.
Allan Liska (Author)
9780128021453, Elsevier Science
Paperback, published 8 December 2014
200 pages, 30 illustrations
23.5 x 19 x 1.4 cm, 0.34 kg
As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents. The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information and event management system, collect and analyze logs, and practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way.
I. Defining Intelligence
Chapter 1: Understanding the Threat
Chapter 2: What is Intelligence?
Chapter 3: Creating an Intelligence Model for Network Security
II. Applying Intelligence to Your Network
Chapter 4: Gathering Intelligence
Chapter 5: Internal Intelligence Sources
Chapter 6: External Intelligence Sources
Chapter 7: Internal and External Intelligence
III. Using Outside Resources
Chapter 8: CERTs, ISACs, and Other Threat Sources
Chapter 9: Advanced Intelligence Capabilities
Subject Areas: Network security [UTN], Computer security [UR]