Confident Cyber Security: The Essential Insights and How to Protect from Threats

The world is more digitally connected than ever before and, with this connectivity, comes vulnerability. This book will equip you with all the skills and insights you need to understand cyber security and kickstart a prosperous career. Confident Cyber Security is here to help.

From the human side to the technical and physical implications, this book takes you through the fundamentals: how to keep secrets safe, how to stop people being manipulated and how to protect people, businesses and countries from those who wish to do harm. Featuring real-world case studies including Disney, the NHS, Taylor Swift and Frank Abagnale, this book is packed with clear explanations, sound advice and practical exercises to help you understand and apply the principles of cyber security. This new edition covers increasingly important topics such as deepfakes, AI and blockchain technology.

About the Confident series... From coding and data science to cloud and cyber security, the Confident books are perfect for building your technical knowledge and enhancing your professional career.

Author(s): Jessica Barker
Edition: 2
Publisher: Kogan Page
Year: 2023

Language: English
Pages: 265

Cover
Contents
An introduction to cyber security
The history of cyber security
Cyber security, you and your career
Confidence
Notes
PART ONE Why cyber security?
01 What cyber security is
The cyber security rainbow: Red, blue and purple
The cyber security spectrum: Who are the hackers?
Hacking and the law
Cybercrime
Case study: Lapsus$
Case study: Evil Corp
Malicious and non-malicious insiders
Case study: Apple Inc v Rivos Inc
Case study: The City of Dallas
Exercise 1.1: Assessing the risks
Notes
02 Why cyber security is important
Risks, threats and vulnerabilities
Risk assessment and management
Risk, threat, vulnerability and mitigations
Cyber security and the law
Cyber security and personal lives
Notes
PART TWO The technical side of cyber security
03 Technical vulnerabilities
Common Vulnerabilities and Exposures list
Common Weakness Enumeration
Common Vulnerability Scoring System
Open Web Application Security Project top ten
Case study: LearnPress Plugin
Case study: SolarWinds
Case study: WannaCry
Case study: Log4Shell
What technology is vulnerable?
Notes
PART THREE The human side of cyber security
04 Why people are so important in cyber security
Design
Creation
Testing
Use
Case study: Amazon S3
2FA Fatigue
Abuse
Destruction
Notes
05 Social engineering
Social engineering red flags
Non-criminal social engineering
Why social engineering works
Case study: Alice and Bob
Exercise 5.1: Hot state triggers
Notes
06 Attacks that utilize social engineering
Phishing
Case study: Bill
Case study: Janessa Brazil
Case study: WhatsApp Mum and Dad scam
Case study: Covid 19 social engineering: Business email compromise and beyond
Money trails and cryptocurrency
Ransomware
Offline social engineering attacks
Notes
PART FOUR The physical side of cyber security
07 Why physical space matters in cyber security
Access control systems
CCTV
Exercise 7.1: Spot the security flaw
Physical vulnerabilities in the Internet of Things
The physical infrastructure of the internet
Case study: Colonial Pipeline
Case study: Florida water supply
Notes
08 How organizations can better protect themselves
Firewalls
Anti-virus software
Network segmentation
Airgapped networks
Policies and procedures
Logging
Monitoring
Auditing
Intrusion detection systems and intrusion protection systems
Block list and allow list
Cyber threat intelligence and threat hunting
Vulnerability scanning
Penetration testing
Awareness-raising training
Security culture
Champion programmes
Digital footprint assessments
Physical security controls
Social engineering assessments and red team engagements
A layered approach
Notes
09 How individuals can better protect themselves
Protect your accounts
Biometric security
Loyalty points theft
Protect your devices
Protect your data
Be social media savvy
Be social engineering savvy
Notes
10 Nation-state cyber security: Geopolitics
Policing the internet
Nation-state-level cyber attacks
Companies and nation-state-level attacks
Misinformation and disinformation
Notes
PART FIVE The future of cyber security and what it means for your career
11 Cyber security in different industries
Celebrity, entertainment and pop culture
Journalism and the media
Sport
Social media and influencers
What are deepfakes?
Small and medium enterprises
Education
Conveyancing fraud
Notes
12 Cyber security at the board level
Cyber security frameworks
Cyber security governance
Risk appetite and risk tolerance
The board perspective on cyber security
Board members as challengers
Cyber security as a business risk
Notes
13 Pursuing a cyber security career
Qualifications and certifications
What do employers want?
What can you do to get a job in the industry?
Jack Daniel, BSides co-founder
Sophia McCall, Captain of Team UK at the European Cyber Security Challenge
Note
14 The variety of cyber security careers
The start-up CEO
The infosec pundit
The professor
The journalist
Alternative paths into cyber security
The ethical hacker
The lawyer
The analyst
The national cyber security advisor
The security awareness leader
Specialists and generalists
The security contractor
A final word: Keep a learning mindset
Notes
Appendix: Answers
Index