Boardroom Cybersecurity: A Director's Guide to Mastering Cybersecurity Fundamentals

Weis, Dan

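  • Publisher: Apress
  • Publication date: 2024-11-10
  • Price: $1,880
  • VIP price: $1,786 (95% of list price)
  • Language: English
  • Pages: 326
  • Binding: Quality Paper - also called trade paper
  • ISBN: 9798868807848
  • ISBN-13: 9798868807848
  • Related category: Information Security
  • Not yet released; cannot be ordered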

Product description

This book delves into the critical realm of cyber security, specifically focusing on the ever-present threats that can cripple your organization. We will dissect real-world attack methods and mitigation strategies, analyze industry and regulatory requirements as they impact your boardroom decisions, and expose the vulnerabilities that leave organizations susceptible to data breaches.

But why should cyber security be a top priority for CEOs, directors, and board members? A successful cyber-attack can be catastrophic. Beyond financial losses, data breaches can erode customer trust, damage brand reputation, disrupt critical operations, and even lead to legal ramifications for the board and for directors, such as regulatory fines and lawsuits.

This book empowers you to make informed decisions for your organization regarding cyber risk. We will equip you to not only understand the evolving threat landscape and the potential impact of an attack, but also to proactively reduce and mitigate those risks. This knowledge will ensure you fulfill your reporting obligations and demonstrate strong corporate governance in the face of ever-present cyber threats.

The digital age presents immense opportunities, but it also demands a heightened awareness of cyber security risks. This book is your roadmap to navigating this complex landscape, understanding your obligations as a director or board member, and ensuring your organization remains secure and thrives in this increasingly digital world.

What You Will Learn:

  • Typical methods employed by cybercriminal gangs.
  • Board and management responsibilities and obligations.
  • Common governance principles and standards.
  • What are the cybersecurity frameworks and how do they work together?
  • Best practices for developing a cybersecurity strategy.
  • Understanding penetration testing reports and compliance audits.
  • Tips for reading and understanding the audit report.

Who This Book is for:

Boards, directors, and management who are responsible for cyber security and for ensuring cyber resilience in their organization.


About the author

Dan Weis is the Penetration Testing Practice Lead at Nexon Asia Pacific. Dan has over 30 years' experience in I.T. across a range of different industries, and was one of the first 10 people in the world to become a Certified Ethical Hacker.

Dan also has 18.5+ years of Penetration Testing and Red Team experience, with attributed 0day vulnerabilities in SCADA/Control Systems software. Dan heads up Nexon's team of Cyber Security Experts, leading Red and Blue Teams on Offensive and Defensive Cyber Operations to proactively assess company and government networks so that they increase their security posture and do not become the next "headline".

Earning the nickname "The General" as a result of his multitude of industry qualifications, Daniel also holds an additional 22 industry certifications. In his spare time Daniel undertakes research on the cybercrime underground, facilitates training sessions for budding ethical hackers, is a regular on the speaker circuit presenting on all things Infosec & Dark web, and has presented at over 80 conferences and events over the last 5 years.

Dan has also appeared on television and radio and has a number of published resources, including books, magazine articles, newspaper appearances, online posts and YouTube videos, and is an active participant in a variety of renowned security and industry programs. Dan authored the book "Hack Proof Yourself! The essential guide to securing your digital world" and co-authored the book "Learn Social Engineering", which has received BookAuthority's best books of all time award.
