Gain useful insights into cybersecurity leadership in a modern-day organization with the help of use cases Key FeaturesDiscover tips and expert advice from the leading CISO and author of many cybersecurity booksBecome well-versed with a CISO's day-to-day responsibilities and learn how to perform them with easeUnderstand real-world challenges faced by a CISO and find out the best way to solve themBook Description The chief information security officer (CISO) is responsible for an organization's information and data security. The CISO's role is challenging as it demands a solid technical foundation as well as effective communication skills. This book is for busy cybersecurity leaders and executives looking to gain deep insights into the domains important for becoming a competent cybersecurity leader. The book begins by introducing you to the CISO's role, where you'll learn key definitions, explore the responsibilities involved, and understand how you can become an efficient CISO. You'll then be taken through end-to-end security operations and compliance standards to help you get to grips with the security landscape. In order to be a good leader, you'll need a good team. This book guides you in building your dream team by familiarizing you with HR management, documentation, and stakeholder onboarding. Despite taking all that care, you might still fall prey to cyber attacks; this book will show you how to quickly respond to an incident to help your organization minimize losses, decrease vulnerabilities, and rebuild services and processes. Finally, you'll explore other key CISO skills that'll help you communicate at both senior and operational levels. By the end of this book, you'll have gained a complete understanding of the CISO's role and be ready to advance your career. What you will learnUnderstand the key requirements to become a successful CISOExplore the cybersecurity landscape and get to grips with end-to-end security operationsAssimilate compliance standards, governance, and security frameworksFind out how to hire the right talent and manage hiring procedures and budgetDocument the approaches and processes for HR, compliance, and related domainsFamiliarize yourself with incident response, disaster recovery, and business continuityGet the hang of tasks and skills other than hardcore security operationsWho this book is for This book is for aspiring as well as existing CISOs. This book will also help cybersecurity leaders and security professionals understand leadership in this domain and motivate them to become leaders. A clear understanding of cybersecurity posture and a few years of experience as a cybersecurity professional will help you to get the most out of this book.

At a critical point in human history, this book presents proven ways to gain the skills needed to develop sustainable IT practices and set yourself apart as a progressive technology leader Key Features Execute a sustainable IT strategy with proven methods and real-world use cases Progress as a sustainable IT advocate and set yourself apart from other senior IT leaders Increase your chances of receiving executive buy-in on your sustainable IT strategy Book DescriptionWe are at a critical point in human history. Humanity is under threat, but all is not lost. We can take action! But how? Sustainable IT Playbook for Technology Leaders will show you how. It will walk you through the construction and implementation of a sustainable IT strategy and enable you to do your bit for the future of mankind. The book is split into three parts. Part I details the “why” and the clear and present danger that humanity faces today: the climate crisis. How did we get here, what are the immediate threats, what are the planetary boundaries that we need to peel back to safe levels, and what impact does IT have on society at large? Part II will focus on the "what.” It examines the nitty-gritty details of what we can do to unlock significant returns on sustainable investments toward a more sustainable future. Part III, the final part of the book, focuses on the “how.” How do you turn your ideas into action? What do you need to do to establish your baseline and your direction of travel towards your objective? This part provides tangible case studies and explains how you can start your journey today to begin delivering global and impactful objectives. By the end of this book, you’ll be able to plan, implement, and communicate a sustainable IT strategy and set yourself apart as a progressive technology leader.What you will learn Discover why IT is a major contributor to carbon emissions Explore the principles and key methods of sustainable IT practices Build a robust, sustainable IT strategy based on proven methods Optimize and rationalize your code to consume fewer resources Understand your energy consumption patterns Apply a circular approach to the IT hardware life cycle Establish your sustainable IT baseline Inspire and engage employees, customers, and stakeholders Who this book is for This book is for executive IT leaders such as CIOs, CDOs, and CTOs dedicated to influencing, inspiring, and engaging businesses, organizations, and individuals to reduce their carbon footprint through sustainable IT practices.

Secure your business in a post-pandemic world: Master digital risk identification and defense Purchase of the print or Kindle book includes a free PDF eBook Key FeaturesBecome well-versed with sophisticated system-level security risks and the zero-trust frameworkLearn about remote working risks, modern collaboration, and securing the digital data estateKeep up with rapidly evolving compliances and regulations and their impact on cyber risksBook Description With the rapid pace of digital change today, especially since the pandemic sped up digital transformation and technologies, it has become more important than ever to be aware of the unknown risks and the landscape of digital threats. This book highlights various risks and shows how business-as-usual operations carried out by unaware or targeted workers can lead your organization to a regulatory or business risk, which can impact your organization's reputation and balance sheet. This book is your guide to identifying the topmost risks relevant to your business with a clear roadmap of when to start the risk mitigation process and what your next steps should be. With a focus on the new and emerging risks that remote-working companies are experiencing across diverse industries, you'll learn how to manage risks by taking advantage of zero trust network architecture and the steps to be taken when smart devices are compromised. Toward the end, you'll explore various types of AI-powered machines and be ready to make your business future-proof. In a nutshell, this book will direct you on how to identify and mitigate risks that the ever- advancing digital technology has unleashed. What you will learnBecome aware of and adopt the right approach to modern digital transformationExplore digital risks across companies of all sizesStudy real-world cases that focus on post-pandemic digital transformationUnderstand insider threats and how to mitigate vulnerability exploitationGet to know how cyberwarfare targets infrastructure and disrupts critical systemsDiscover how implementing a regulatory framework can safeguard you in the current and future data landscapesWho this book is for This book is for three categories of readers—those who own a business and are planning to scale it; those who are leading business and technology charters in large companies or institutions; and those who are academically or disciplinarily targeting cybersecurity and risk management as a practice-area. Essentially, this book is for board members, and professionals working in IT, GRC, and legal domains. It will also help technology leaders, including chief digital officers, chief privacy officers, chief risk officers, CISOs, CIOs, as well as students and cybersecurity enthusiasts with basic awareness of risks to navigate the digital threat landscape.

Updated edition of the bestselling guide for planning attack and defense strategies based on the current threat landscape Key FeaturesUpdated for ransomware prevention, security posture management in multi-cloud, Microsoft Defender for Cloud, MITRE ATT&CK Framework, and moreExplore the latest tools for ethical hacking, pentesting, and Red/Blue teamingIncludes recent real-world examples to illustrate the best practices to improve security postureBook Description Cybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture. In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques. By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process. What you will learnLearn to mitigate, recover from, and prevent future cybersecurity eventsUnderstand security hygiene and value of prioritizing protection of your workloadsExplore physical and virtual network segmentation, cloud network visibility, and Zero Trust considerationsAdopt new methods to gather cyber intelligence, identify risk, and demonstrate impact with Red/Blue Team strategiesExplore legendary tools such as Nmap and Metasploit to supercharge your Red TeamDiscover identity security and how to perform policy enforcementIntegrate threat detection systems into your SIEM solutionsDiscover the MITRE ATT&CK Framework and open-source tools to gather intelligenceWho this book is for If you are an IT security professional who wants to venture deeper into cybersecurity domains, this book is for you. Cloud security administrators, IT pentesters, security consultants, and ethical hackers will also find this book useful. Basic understanding of operating systems, computer networking, and web applications will be helpful.

Learn how to build a cybersecurity program for a changing world with the help of proven best practices and emerging techniques Key FeaturesUnderstand what happens in an attack and build the proper defenses to secure your organizationDefend against hacking techniques such as social engineering, phishing, and many morePartner with your end user community by building effective security awareness training programsBook Description Security is everyone's responsibility and for any organization, the focus should be to educate their employees about the different types of security attacks and how to ensure that security is not compromised. This cybersecurity book starts by defining the modern security and regulatory landscape, helping you understand the challenges related to human behavior and how attacks take place. You'll then see how to build effective cybersecurity awareness and modern information security programs. Once you've learned about the challenges in securing a modern enterprise, the book will take you through solutions or alternative approaches to overcome those issues and explain the importance of technologies such as cloud access security brokers, identity and access management solutions, and endpoint security platforms. As you advance, you'll discover how automation plays an important role in solving some key challenges and controlling long-term costs while building a maturing program. Toward the end, you'll also find tips and tricks to keep yourself and your loved ones safe from an increasingly dangerous digital world. By the end of this book, you'll have gained a holistic understanding of cybersecurity and how it evolves to meet the challenges of today and tomorrow. What you will learnUnderstand the macro-implications of cyber attacksIdentify malicious users and prevent harm to your organizationFind out how ransomware attacks take placeWork with emerging techniques for improving security profilesExplore identity and access management and endpoint securityGet to grips with building advanced automation modelsBuild effective training programs to protect against hacking techniquesDiscover best practices to help you and your family stay safe onlineWho this book is for This book is for security practitioners, including analysts, engineers, and security leaders, who want to better understand cybersecurity challenges. It is also for beginners who want to get a holistic view of information security to prepare for a career in the cybersecurity field. Business leaders looking to learn about cyber threats and how they can protect their organizations from harm will find this book especially useful. Whether you're a beginner or a seasoned cybersecurity professional, this book has something new for everyone.

This book is composed by the papers written in English and accepted for presentation and discussion at The 2023 International Conference on Information Technology & Systems (ICITS'23), held at Universidad Nacional de San Antonio Abad del Cusco, in Cusco, Peru, between the 24th and the 26th of April 2023. ICIST is a global forum for researchers and practitioners to present and discuss recent findings and innovations, current trends, professional experiences and challenges of modern information technology and systems research, together with their technological development and applications. The main topics covered are: information and knowledge management; organizational models and information systems; software and systems modelling; software systems, architectures, applications and tools; multimedia systems and applications; computer networks, mobility and pervasive systems; intelligent and decision support systems; big data analytics and applications; human–computer interaction; ethics, computers & security; health informatics; information technologies in education, and Media, Applied Technology and Communication.

Enhance your skills as a cloud investigator to adeptly respond to cloud incidents by combining traditional forensic techniques with innovative approaches Key Features Uncover the steps involved in cloud forensic investigations for M365 and Google Workspace Explore tools and logs available within AWS, Azure, and Google for cloud investigations Learn how to investigate containerized services such as Kubernetes and Docker Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation. The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents. By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents. What you will learn Explore the essential tools and logs for your cloud investigation Master the overall incident response process and approach Familiarize yourself with the MITRE ATT&CK framework for the cloud Get to grips with live forensic analysis and threat hunting in the cloud Learn about cloud evidence acquisition for offline analysis Analyze compromised Kubernetes containers Employ automated tools to collect logs from M365 Who this book is for This book is for cybersecurity professionals, incident responders, and IT professionals adapting to the paradigm shift toward cloud-centric environments. Anyone seeking a comprehensive guide to investigating security incidents in popular cloud platforms such as AWS, Azure, and GCP, as well as Microsoft 365, Google Workspace, and containerized environments like Kubernetes will find this book useful. Whether you're a seasoned professional or a newcomer to cloud security, this book offers insights and practical knowledge to enable you to handle and secure cloud-based infrastructure.

Learn how to build a proactive cybersecurity culture together with the rest of your C-suite to effectively manage cyber risks Key FeaturesEnable business acceleration by preparing your organization against cyber risksDiscover tips and tricks to manage cyber risks in your organization and build a cyber resilient businessUnpack critical questions for the C-suite to ensure the firm is intentionally building cyber resilienceBook Description With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business's cyber resilience due to its complex nature and the lack of a clear return on investment. This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO). The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required. With this book, you'll have a deeper appreciation of the various ways all executives can contribute to the organization's cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business. What you will learnUnderstand why cybersecurity should matter to the C-suiteExplore how different roles contribute to an organization's securityDiscover how priorities of roles affect an executive's contribution to securityUnderstand financial losses and business impact caused by cyber risksCome to grips with the role of the board of directors in cybersecurity programsLeverage the recipes to build a strong cybersecurity cultureDiscover tips on cyber risk quantification and cyber insuranceDefine a common language that bridges the gap between business and cybersecurityWho this book is for This book is for the C-suite and executives who are not necessarily working in cybersecurity. The guidebook will bridge the gaps between the CISO and the rest of the executives, helping CEOs, CFOs, CIOs, COOs, etc., to understand how they can work together with the CISO and their team to achieve organization-wide cyber resilience for business value preservation and growth.

This book enables newcomers, business professionals as well as seasoned cybersecurity practitioners and marketers to understand and to explain the discipline to anyone. This book is not about technology and no technical knowledge or prior background is required to understand this book. The book is also highly recommended as a general management and leadership book. Cybersecurity involves people, policy, and technology. Yet most books and academic programs cover only technology. Hence the implementation of cybersecurity as a people powered perpetual innovation and productivity engine is not done. People think they can buy cybersecurity as a product when in fact the discipline is the modern practice of digital business strategy. People also equate cybersecurity with information security or security alone. However, security is a state, while cybersecurity is a process. Too many people equate cybersecurity with computer science even though cybersecurity is a business discipline. Written by Dr. Mansur Hasib a globally acclaimed scholar, practitioner, and author with a Doctor of Science in cybersecurity and over ten years experience designing and running award-winning cybersecurity education programs on a global scale. The author also served as Chief Information Officer and implemented profitable digital transformations and cybersecurity strategy in healthcare, biotechnology, education, and energy for more than 30 years. This book is widely acclaimed by practitioners and scholars alike as the definitive book on cybersecurity leadership and governance. Dr. Hasib is a sought after speaker and has won multiple global awards such as: 2020 Cybersecurity Champion of the Year; 2020 People's Choice Award in Cybersecurity; 2019 Best Cybersecurity Higher Education Program in the USA; 2019 Outstanding Global Cybersecurity Leadership; 2018 Best Cybersecurity Higher Education Program in the USA; 2018 Hall of Fame; 2017 People's Choice Award in Cybersecurity; 2017 Information Governance Expert of the Year; 2017 (ISC)2 Americas ISLA Award. Dr. Hasib enjoys table tennis, comedy, and travel and has been to all 50 states of the USA. Twitter @mhasib Subscribe free to YouTube Channel with 200+ videos: https://www.youtube.com/@DrMansurHasib Contact for speaking invites and author-signed books: https://www.cybersecurityleadership.com

This comprehensive overview of 61850 standard/protocol focuses on implementation, taking the reader through the development and concepts of IEC 61850. This includes the initial work by General Motors (Manufacturing Automation Protocol), EPRI (UCA 1.0 and UCA 2.0), IEEE (TR 1550), and IEC 61850. The standard is a significant piece of many IIoT (industrial internet of things) strategies for substation communication. The book discusses and documents the basic research and theory of guaranteed multicast done for IEC 61850 GOOSE as well as the shift from variable technology to object oriented technology. The layering principles, as well as the structure, of IEC 61850 are discussed in detail as well as the actual communication profiles that have been created to support substation/distribution automation, distributed energy resources, and synchrophasors. Real applications will be discussed as well as the future direction of the standard. The author is a technical co-editor of IEC 61850 standard and a leader in US implementations, having been involved with the technology from its inception.