Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the Covid-19 Pandemic
暫譯: 大型災難中的商業復甦與持續性:從新冠疫情中學到的網路安全教訓
Das, Ravi
- 出版商: Auerbach Publication
- 出版日期: 2022-04-21
- 售價: $4,910
- 貴賓價: 9.5 折 $4,665
- 語言: 英文
- 頁數: 214
- 裝訂: Hardcover - also called cloth, retail trade, or trade
- ISBN: 1032245328
- ISBN-13: 9781032245324
-
相關分類:
資訊安全
海外代購書籍(需單獨結帳)
商品描述
The COVID-19 pandemic has had so many unprecedented consequences. The great global shift from office work to remote work is one such consequence, with which many information security professionals are struggling. Office workers have been hastily given equipment that was not properly secured or must use personal devices to perform office work. The proliferation of videoconferencing has brought about new types of cyber-attacks. When the pandemic struck many organizations found they had no, or old and unworkable, business continuity and disaster recovery plans.
Business Recovery and Continuity in a Mega Disaster: Cybersecurity Lessons Learned from the COVID-19 Pandemic reviews the COVID-19 pandemic and related information security issues. It then develops a series of lessons of learned from this reviews and explains how organizations can prepare for the next global mega disaster. Following are some of the key lessons learned presented:
- The lack of vetting for third party suppliers and vendors
- The lack of controls surrounding data privacy, especially as it relates to the personal identifiable information (PPI) data sets
- The intermingling of home and corporate networks
- The lack of a secure remote workforce
- The emergence of supply chain attacks (e.g., Solar Winds).
To address the issues raised in these lessons learned, CISOs and their security teams must have in place tools and methodologies to address the following:
- The need for incident response, disaster recovery, and business continuity plans
- The need for effective penetration testing
- The importance of threat hunting
- The need for endpoint security
- The need to use the SOAR model
- The importance of a zero-trust framework.
The book provides practical coverage of these topics to prepare information security professionals for any type of future disaster.
The COVID-19 pandemic has changed the entire world to unprecedented and previously unimaginable levels. Many businesses, especially in the United States, were completely caught off guard, and they had no concrete plans put into place, from a cybersecurity standpoint, in how to deal with this mega disaster. This how-to book fully prepares CIOs, CISOs, and their teams for the next disaster, whether natural or manmade, with the various lessons that have been learned thus far from the COVID-19 pandemic.
商品描述(中文翻譯)
COVID-19 疫情帶來了許多前所未有的後果。從辦公室工作轉向遠端工作的全球大轉變就是其中之一,許多資訊安全專業人士在這方面面臨挑戰。辦公室工作者匆忙獲得了未經妥善保護的設備,或必須使用個人裝置來執行辦公工作。視訊會議的普及帶來了新型的網路攻擊。當疫情來襲時,許多組織發現他們沒有或是擁有過時且無法運作的業務持續性和災難恢復計畫。
《在重大災難中的業務恢復與持續性:從 COVID-19 疫情中學到的網路安全教訓》回顧了 COVID-19 疫情及相關的資訊安全問題。接著,該書從這些回顧中發展出一系列的教訓,並解釋組織如何為下一次全球重大災難做好準備。以下是一些提出的關鍵教訓:
- 缺乏對第三方供應商和廠商的審查
- 缺乏針對數據隱私的控制,特別是與個人可識別信息(PPI)數據集相關的控制
- 家庭網路與企業網路的交織
- 缺乏安全的遠端工作人員
- 供應鏈攻擊的出現(例如,Solar Winds)
為了解決這些教訓中提出的問題,CISO 及其安全團隊必須具備工具和方法來應對以下需求:
- 事件響應、災難恢復和業務持續性計畫的需求
- 有效的滲透測試的需求
- 威脅獵捕的重要性
- 端點安全的需求
- 使用 SOAR 模型的需求
- 零信任框架的重要性
本書對這些主題提供了實用的涵蓋,以準備資訊安全專業人士應對任何類型的未來災難。
COVID-19 疫情將整個世界改變到了前所未有且難以想像的程度。許多企業,特別是在美國,完全措手不及,從網路安全的角度來看,他們沒有具體的計畫來應對這場重大災難。這本實用指南充分準備了 CIO、CISO 及其團隊應對下一次災難,無論是自然災害還是人為災害,並總結了迄今為止從 COVID-19 疫情中學到的各種教訓。
作者簡介
Ravi Das is a Business Development Specialist for The AST Cybersecurity Group, Inc., a leading Cybersecurity content firm located in the Greater Chicago area, and Technosoft Cyber, LLC, a consultancy devoted to offering Cybersecurity services to the Small and Medium sized business sector. Ravi holds a Master of Science of Degree in Agribusiness Economics (Thesis in International Trade), and Master of Business Administration in Management Information Systems.
He has authored 8 books, with one more upcoming on how to create and launch a Cybersecurity Consultancy.
作者簡介(中文翻譯)
拉維·達斯是AST Cybersecurity Group, Inc.的商業發展專家,該公司是一家位於芝加哥大區的領先網路安全內容公司,以及Technosoft Cyber, LLC,一家專注於為中小型企業提供網路安全服務的顧問公司。拉維擁有農業商業經濟學碩士學位(論文主題為國際貿易),以及管理資訊系統的工商管理碩士學位。
他已經撰寫了8本書,並且還有一本即將出版,內容是如何創建和啟動網路安全顧問公司。
