Tim Rains

This book is for CISOs, CSOs, security leaders, architects, and cybersecurity professionals responsible for strategy, risk reduction, and compliance in enterprise environments. Designing a cybersecurity strategy that actually works is difficult when threats evolve faster than budgets, teams, and tools.

Written by Tim Rains, a former Global Chief Security Advisor at Microsoft and senior security leader at AWS and Fortune-scale enterprises, this edition expands on the previous editions… Show more

This book is for CISOs, CSOs, security leaders, architects, and cybersecurity professionals responsible for strategy, risk reduction, and compliance in enterprise environments. Designing a cybersecurity strategy that actually works is difficult when threats evolve faster than budgets, teams, and tools.

Written by Tim Rains, a former Global Chief Security Advisor at Microsoft and senior security leader at AWS and Fortune-scale enterprises, this edition expands on the previous editions with major updates and new chapters. You will learn how threat intelligence, attack-centric security, intrusion kill chains, and MITRE ATT&CK can help defenders design stronger strategies.

New and expanded content covers ransomware, API security, “living off the land” attacks, resilience as a cybersecurity strategy, and the security of AI systems alongside practical guidance on using AI to improve security outcomes. This book takes a practical, evidence-based approach to cybersecurity strategy, helping you assess trade-offs, avoid costly missteps, and communicate clearly with executives and boards.

By the end of this book, you’ll be able to evaluate cybersecurity strategies more effectively, improve enterprise defenses, and communicate security priorities clearly to executives and boards.

Table of Contents
How Enterprises Get Hacked
What to Know About Threat Intelligence
Industry Vulnerability Disclosure Trends
Product Vulnerability Disclosure Trends
The Evolution of Malware
Internet-Based Threats
Application Programming Interface Security
Friend or Foe? The Roles Governments Play in Cybersecurity
Ingredients for a Successful Cybersecurity Strategy
Cybersecurity Strategies
Cybersecurity Strategy Implementation
Measuring Performance and Effectiveness
Modern Approaches to Security and Compliance
Mitigating “Living Off the Land” Techniques
Artificial Intelligence: Security of AI Systems and Using AI for Better Cybersecurity

ISBN-10: 1806028573
Indexed on Google Books Show less

Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs, and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you'll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved… Show more

Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs, and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you'll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You'll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud.

Key Features
- Protect your organization from cybersecurity threats with field-tested strategies
- Understand threats such as exploits, malware, internet-based threats, and governments
- Measure the effectiveness of your organization's current cybersecurity program against modern attackers' tactics

ISBN-13: 978-1804618950
Indexed on Google Books Show less

Cybersecurity Threats, Malware Trends, and Strategies shares numerous insights about the threats that both public and private sector organizations face and the cybersecurity strategies that can mitigate them.
The book provides an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how… Show more

Cybersecurity Threats, Malware Trends, and Strategies shares numerous insights about the threats that both public and private sector organizations face and the cybersecurity strategies that can mitigate them.
The book provides an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.

The book will provide you with an evaluation of the various cybersecurity strategies that have ultimately failed over the past twenty years, along with one or two that have actually worked. It will help executives and security and compliance professionals understand how cloud computing is a game changer for them.

By the end of this book, you will know how to measure the effectiveness of your organization's cybersecurity strategy and the efficacy of the vendors you employ to help you protect your organization and yourself.

ISBN-13: 978-1800206014, ISBN-10: 1800206011
Indexed on Google Books Show less

Tim was the executive editor of the Microsoft Security Intelligence Report for 9 years, publishing more than 20 volumes of the report during that time.