Название: Taming the Hacking Storm: A Framework for Defeating Hackers and Malware
Автор: Roger A. Grimes
Издательство: Wiley
Год: 2025
Страниц: 336
Язык: английский
Формат: pdf, epub (true)
Размер: 10.1 MB
A transformative new approach to Internet security from an experienced industry expert.
Taming the Hacking Storm: A Framework for Defeating Hackers and Malware is a groundbreaking new roadmap to solving the ubiquitous Internet security issues currently plaguing countries, businesses, and individuals around the world. In easy-to-understand and non-technical language, author and cybersecurity veteran Roger Grimes describes the most prevalent threats to our online safety today and what ties them all together. He goes on to lay out a comprehensive and robust framework for combating that threat—one that rests on a foundation of identity verification—and explains exactly how to implement it in the real world.
The author addresses each of the challenges, pitfalls, and roadblocks that might stand in the way of his solutions, offering practical ways to navigate, avoid, or counter those impediments.
The book also includes:
• How to address peripheral security issues, including software and firmware vulnerabilities
• Strategies for addressing a lack of international agreement on the implementation of security standards and practices
• Things you can do today to encourage the development of a more secure, trusted Internet
An insightful and original new approach to cybersecurity that promises to transform the way we all use the Internet, Taming the Hacking Storm is a must-read guide for cybersecurity practitioners, academic researchers studying Internet security, and members of the general public with an interest in tech, security, and privacy.
Here I summarize what is covered in each chapter:
Part I. Identifying the Problem
Part I discusses how bad Internet security is and the main underlying problem.
Chapter 1: How Bad Is Internet Security
Chapter 1 discusses how bad Internet cybercrime is, using reported statistics and figures. It shouldn’t shock anyone that cybercrime involves many billions of dollars each year with millions and millions of victims. Any solution(s) to significantly improve Internet security, if successful, should significantly decrease these figures over time.
Chapter 2: How We Are Attacked and Why
This chapter covers how all Internet malicious hacking and malware exploitation happens. It focuses on the initial root access causes of hacking and the motivations of the involved cybercriminals. This chapter is a comprehensive, albeit brief, look at the cybercrime ecosystem that a good Internet security solution would mitigate.
Chapter 3: The Problem
Behind most cybercrime lies one main underlying problem that allows all the others to flourish. This chapter discusses a similar real-world crime issue and what it took to solve it. It covers the main Internet security problem we need to solve ahead of all others.
Part II. The Technology Solution
Part II covers the theory and details of how to provide the solution to fix Internet security, including all its component parts and technologies.
Part III. Challenging the Solution
Every security defense product needs to be threat modeled. Part III covers a second threat model of the solution and answers common questions.
Part IV. Other Needed Solutions
Internet security involves many big problems, not all of which are directly addressed with the solution proposed in this book. Part IV is a quick look at those other issues with other recommended solutions.
Chapter 15: Secure Coding
About one-third of all successful data breaches involve programmed software or firmware vulnerabilities and it has been this way since the beginning of computers. Chapter 15 covers the problem of insecure coding and suggests better fixes.
Secure coding includes all the education, policies, tools, and methods that are used to reduce the number of vulnerabilities and exposure to vulnerabilities when developing software and firmware code. All developers (and anyone else in the development delivery chain, such as managers) need to be taught secure programming, including common vulnerabilities, common exploitation techniques, access control, least privilege, and fail-safe defaults. All developers should understand the CIA (confidential, integrity, availability) triad that drives the cybersecurity industry. Programmers need to understand authentication, access control, authorization, impersonation, delegation, accounting, auditing, and logging.
...
Chapter 18: What You Can Do
Every person reading this book and learning about its concepts can play a part in helping to better secure our Internet. Chapter 18 summarizes the solution and covers what you can do personally and at your organization to help make the Internet safer for everyone, from our grandparents to our grandchildren. You, too, are part of the solution.
Скачать Taming the Hacking Storm: A Framework for Defeating Hackers and Malware
[related-news]
[/related-news]