New Release: The Gorilla Guide to…® Protecting the Modern Enterprise
Although businesses have used computers for a long time, the computer was not the center of most businesses until recently. An attack might take down your accounting system or steal some records, but at least you could continue to sell goods and take your customers’ payments. The only security that the average retail customer had to worry about was having a pickpocket take their wallets.
Those days are long gone, and computers are at the center of each business—which means that security must be a top priority. Consider the example of a restaurant. It now typically takes orders online, especially since the COVID-19 shutdowns. Restocking and ordering new supplies requires access to a database. One could go through every step of running a modern business (and non-profits, too) to see how managers have moved steps into a database or application for the sake of efficiency, accountability, and flexible response to change.
With guidance from a Cybersecurity Framework (Figure 1) from the U.S. National Institute of Standards and Technology (NIST), Lawrence Miller puts computer security into concrete business terms, helping security professionals and business managers discuss their risks and options.
A proper security philosophy is practical, looking to keep costs reasonable and avoid overly burdensome restrictions. Can you ward off an attack, recover from an attack, or make the impact of the attack less severe (known as “risk mitigation”)?
You must understand that every business is part of a larger system that involves suppliers, third-party management, financial support, and so on. These have impacts on your security strategy. Finally, solutions must be organizational, not just technical, and must be updated regularly. This book covers all those bases, and more.
Inside the Guide
Gorilla Guides make learning and discovery approachable and easy, taking the guesswork out of navigating complicated IT technologies. Written by an industry expert, and brought to you by UncommonX, this resource is packed full of trusted information about practical business security!
Download the book and learn all about:
- How to Define Security Risks As Business Risks
- A Step-by-Step Framework for Deciding What Protections to Put in Place
- The Role of the Cloud and a Managed Security Service Provider (MSSP)
Table of Contents
Chapter 1: The Business Case for Security
Putting Security into Business Terms
- Business Drivers
- Vulnerability and Risk Analysis
- Risk Management
Threats Are More Sophisticated; Security Is More Complex
- Technology Alone Is Not the Answer
- Build a Plan Based on Defense in Depth
- Address People, Processes, and Technology Needs
Chapter 2: How the NIST Cybersecurity Framework Improves Risk Strategies
- Asset Management
- Business Environment
- Risk Assessment
- Risk Management Strategy
- Supply Chain Risk Management
- Identity Management and Access Control
- Awareness and Training
- Data Security
- Information Protection Processes and Procedures
- Protective Technology
- Anomalies and Events
- Security Continuous Monitoring
- Detection Processes
- Response Planning
- Recovery Planning
Chapter 3: What Does a Holistic Security Solution Look Like?
- Security Maturity
- Industry Comparison
- Change Over Time
- SaaS and MSSP
Get Strategic with Your Security
About the Author
Lawrence Miller, CISSP, has worked in information technology for more than 30 years in various industries including military, telecommunications, legal, retail, and professional services. He earned an MBA in Supply Chain Management from Indiana University and has written numerous books on technology and security topics.
UncommonX offers unmatched enterprise-class cybersecurity protection as an extended detection and response (XDR) provider by combining adaptive threat and intelligence software with 24/7 industry experts, making it easy to constantly both map and fix root causes of security vulnerabilities. Taking a market-first inside-out approach to ongoing digital security risks through unique curated threat feeds and automated analytics, the UncommonX BOSS intelligent security platform provides clear contextual awareness to yield accelerated outcomes to mitigate and guard against threats. Learn more at UncommonX.com.