You CAN Stop Stupid: Stopping Losses from Accidental and Malicious Actions

John Wiley & Sons, Dec 3, 2020 - 368 pages

Around the world, users cost organizations billions of dollars due to simple errors and malicious actions. Organizations believe that there is some deficiency in the users. In response, they believe that they have to improve their awareness efforts and make users more secure. This is like saying that coal mines should get healthier canaries. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that. It takes a holistic approach to assessing risk combined with technical defenses and countermeasures layered with a security culture and continuous improvement. Only with this kind of defense in depth can organizations hope to prevent the worst of the cybersecurity breaches and other user-initiated losses.

Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, Ira Winkler and Dr. Tracy Celaya's You CAN Stop Stupid provides a methodology to analyze potential losses and determine appropriate countermeasures to implement.

  • Minimize business losses associated with user failings
  • Proactively plan to prevent and mitigate data breaches
  • Optimize your security spending
  • Cost justify your security and loss reduction efforts
  • Improve your organization’s culture

Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.

Table of Contents

  • Users Are Part of the System
  • What Is User-Initiated Loss?
  • Stopping Stupid Is Your
  • Foundational Concepts
  • The Problems with Awareness Efforts
  • When It's Okay to Blame the User
  • Protection, Detection, and Reaction
  • Reaction
  • User Metrics
  • The Kill Chain
  • Total Quality Management Revisited
  • Creating Effective Awareness Programs
  • Technical Countermeasures
  • Start with Boom
  • Right of Boom
  • Lessons from Safety Science
  • Putting Safety Science to
  • Applied Behavioral Science
  • Security Culture and Behavior
  • Types of Cultures
  • Improving Culture
  • Preventing Boom
  • Determining the Most Effective Countermeasures
  • Implementation Considerations
  • If You Have Stupid Users, You Have a Stupid System
  • Index

About the author (2020)

Ira Winkler, CISSP, is President of Secure Mentem and is widely viewed as one of the world's most influential security professionals. Ira is the recipient of several prestigious industry awards, including being named "The Awareness Crusader" by CSO magazine in receiving their CSO COMPASS Award. Dr. Tracy Celaya Brown, CISSP, is President of Go Consulting International. She is a sought-after consultant in IT Security Program Management, Organizational Development, and Change Management.
