finelybook
Security from Zero: Practical Security for Busy People
by 作者: Eric Higgins
Publisher Finelybook 出版日期: 2020
Pages: 142
Language 语言: English
Pages: PDF/EPUB
Size: 11 Mb
Book Description
Revision 7 – 2020-04-17
Most of the marketing employed by 作者: the security industry tends to rely on a bit of fear-mongering. It’s easy to sell sensationalism — to say that “everything is broken” and cause a sense of alarm and hopelessness.
The goal of this book is not to impart fear,but knowledge. Informed individuals are less likely to panic when scary things happen. They’re more likely to understand what’s going on and how to respond appropriately. They’re more likely to prepare and prevent disasters when they understand the real risks that they might face. The goal of this book is to inspire confidence in the reader and an understanding that,despite the overwhelming perception that everything is broken,the future is not doomed because everything can be fixed.
Your inbox is overflowing,your day is full of meetings,everyone needs something from you,and you’re struggling to stay ahead of it all while trying to grow your company. There’s that nagging feeling that you should probably be doing something with security to defend all of this work that you’ve done,to protect your investment. But,what should you be doing? Where do you even begin?
If this sounds familiar,then this book is for you. I want to share my experience with you so that you’ll know when it’s time to start focusing on security and how to start from scratch. This book explains the practical things you can do today,soon,and later — to improve your security wisely,to maximize the impact,and the metrics you’ll need to make decisions,set goals and track progress.
This book focuses on the high level strategy of successful security programs and avoids deep technical discussions so that you’ll have the right level of insight to make informed decisions and can spend your time on the things that matter most.
Goals of This Book
Kickstarting Your Security Program
The Importance of Security Culture
Your First Security Hire
Prioritizing the Work: Effort vs Impact
Workload Management: Issue Tracking
Your Data-Driven Security Program
Leveraging Security Frameworks & Questionnaires
Regulation and Compliance
Tracking Vulnerabilities
Planning Your Security Budget
Responding to Incidents
Threat Modeling Exercises
Effective Bug Bounty Programs
Security Audits & Penetration Tests
Least Privilege & Access Controls
Monitoring & Alerting
