Most companies are using inefficient computer security defenses which allow hackers to break in at will. It's so bad that most companies have to assume that they are already breached or can easily be breached. It doesn't have to be this way! A data-driven computer security defense will help any entity better focus on the right threats and defenses. It will create an environment which will help you recognize emerging threats sooner, communicate those threats faster, and defend far more efficiently. What is taught in this book, better aligning defenses to the very threats they are supposed to defend against, will seem like common sense after you read it, but for reasons explained in the book, isn't applied by most companies. The lessons learned come from a 30-year computer security veteran who consulted with hundreds of companies, large and small, who figured out what did and didn't work when defending against hackers and malware. Roger A. Grimes is the author of nine previous books and over 1000 national magazine articles on computer security. Reading A Data-Driven Computer Security Defense will change the way you look at and use computer security from now on.
In the world of information security, the ability to actually implement something and bring ideas to fruition is commendable. In A Data-Driven Computer Security Defense: THE Computer Security Defense You Should Be Using, author Roger A. Grimes takes his decades of experience and gives the reader excellent advice on how they can secure their networks and do just that.
As the title implies, the data-driven approach to information security moves the line of defense from the network to the data layer. It, to a degree, complements, but is not as complex as the notion of zero trust networks.
Grimes writes that one of the main problems that will exacerbate ineffective security at a firm is when they do not properly align computer security defenses with the actual threats and risks they face. The book attempts to create a new framework that firms can use to more efficiently allocate defensive resources against the most likely threats that they will face.
The benefits to this approach are impressive, in that firms can respond to threats in a timelier manner, create metrics that provide real information (as opposed to meaningless self-referential metrics), better threat intelligence, and more.
The book notes that a data-driven computer security defense is not necessarily one of hardware and software; rather it’s an approach to information security that uses a firm’s own data to understand specific threats and risks.
In order to do information security right, every firm needs to ensure that they are capturing the right data, and they have enough evidence to base security decisions off that data. The next step is to prioritize the threats based on that evidence.
A Data-Driven Computer Security Defense is a great resource for those looking to slow down and escape the information security hamster wheel of pain and start a program to truly deal with information security.
Interesting read about better integrating data analysis into every part of cyber security. Ask the right questions, collect the data and then act on it. Each company may have different actual threats. This book is about doing the work to figure out what your threats really are and then attacking them.