Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to Soc and Tic Strategy
暫譯: 網路安全運作與融合中心:SOC與TIC策略的全面指南
McLaughlin, Kevin Lynn
相關主題
商品描述
Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to SOC and TIC Strategy by Dr. Kevin Lynn McLaughlin is a must-have resource for anyone involved in the establishment and operation of a Cybersecurity Operations and Fusion Center (SOFC). Think of a combination cybersecurity SOC and cybersecurity Threat Intelligence Center (TIC). In this book, Dr. McLaughlin, who is a well-respected cybersecurity expert, provides a comprehensive guide to the critical importance of having an SOFC and the various options available to organizations to either build one from scratch or purchase a ready-made solution. The author takes the reader through the crucial steps of designing an SOFC model, offering expert advice on selecting the right partner, allocating resources, and building a strong and effective team. The book also provides an in-depth exploration of the design and implementation of the SOFC infrastructure and toolset, including the use of virtual tools, the physical security of the SOFC, and the impact of COVID-19 on remote workforce operations. A bit of gamification is described in the book as a way to motivate and maintain teams of high-performing and well-trained cybersecurity professionals.
The day-to-day operations of an SOFC are also thoroughly examined, including the monitoring and detection process, security operations (SecOps), and incident response and remediation. The book highlights the significance of effective reporting in driving improvements in an organization's security posture.
With its comprehensive analysis of all aspects of the SOFC, from team building to incident response, this book is an invaluable resource for anyone looking to establish and operate a successful SOFC. Whether you are a security analyst, senior analyst, or executive, this book will provide you with the necessary insights and strategies to ensure maximum performance and long-term success for your SOFC. By having this book as your guide, you can rest assured that you have the knowledge and skills necessary to protect an organization's data, assets, and operations.
商品描述(中文翻譯)
《網路安全運營與融合中心:SOC 和 TIC 策略的綜合指南》由 Kevin Lynn McLaughlin 博士撰寫,是任何參與建立和運營網路安全運營與融合中心(SOFC)的人必備的資源。可以將其視為結合網路安全的 SOC 和網路安全威脅情報中心(TIC)。在這本書中,McLaughlin 博士,這位備受尊敬的網路安全專家,提供了有關擁有 SOFC 的關鍵重要性以及組織可選擇從零開始建立或購買現成解決方案的各種選項的綜合指南。作者帶領讀者了解設計 SOFC 模型的關鍵步驟,提供選擇合適合作夥伴、分配資源和建立強大有效團隊的專業建議。這本書還深入探討了 SOFC 基礎設施和工具集的設計與實施,包括虛擬工具的使用、SOFC 的物理安全性,以及 COVID-19 對遠端工作人員運作的影響。書中描述了一些遊戲化的元素,作為激勵和維持高效能且訓練有素的網路安全專業團隊的方式。
SOFC 的日常運營也得到了全面的檢視,包括監控和檢測過程、安全運營(SecOps)以及事件響應和修復。這本書強調了有效報告在推動組織安全狀態改善中的重要性。
這本書對 SOFC 各方面的綜合分析,從團隊建設到事件響應,對於任何希望建立和運營成功 SOFC 的人來說,都是一個無價的資源。無論您是安全分析師、高級分析師還是高層主管,這本書都將為您提供必要的見解和策略,以確保您的 SOFC 最大效能和長期成功。擁有這本書作為指導,您可以放心,您擁有保護組織數據、資產和運營所需的知識和技能。
作者簡介
Dr. Kevin Lynn McLaughlin, PhD, CISO, CISM, CISSP, PMP, ITIL Master, LSSBB, GIAC-GSLC, CRISC, is a highly accomplished cybersecurity expert with a diverse background in law enforcement, corporate security, and cybersecurity. He proudly served in the U.S. Army and was a U.S. Special Agent before making a significant impact in the world of corporate security. With over 39 years of experience in the field, Dr. McLaughlin has demonstrated his expertise in creating and leading three Global Cybersecurity Programs for Fortune 300 companies, establishing Global Security Operations Centers, and designing and implementing a Global Cybersecurity Architecture. He is a veteran in global cyber investigations, having led over 800 investigations, and is a skilled executive manager who has led Global Cyber and Corporate Security teams. Kevin is a highly sought after speaker, having spoken at RSA, and has advised Board of Directors on various cybersecurity topics. He is also an expert in executive protection and securing critical manufacturing, manufacturing, consumer goods, and healthcare environments.
作者簡介(中文翻譯)
凱文·林恩·麥克勞克林博士(Dr. Kevin Lynn McLaughlin),擁有博士學位,並持有CISO、CISM、CISSP、PMP、ITIL Master、LSSBB、GIAC-GSLC及CRISC等專業認證,是一位成就卓越的網路安全專家,擁有執法、企業安全及網路安全等多元背景。他曾自豪地服役於美國陸軍,並擔任美國特工,隨後在企業安全領域產生了重大影響。擁有超過39年的相關經驗,麥克勞克林博士在為《財富》300強公司創建和領導三個全球網路安全計畫、建立全球安全運營中心以及設計和實施全球網路安全架構方面展現了他的專業知識。他在全球網路調查方面是位資深專家,曾主導超過800起調查,並且是一位技術精湛的高級管理者,曾領導全球網路及企業安全團隊。凱文是一位備受追捧的演講者,曾在RSA大會上發表演講,並就各種網路安全主題向董事會提供建議。他也是高級保護及保障關鍵製造、消費品及醫療環境的專家。