Guide to Cybersecurity in Digital Transformation: Trends, Methods, Technologies, Applications and Best Practices

In today’s digital transformation environments, a rigorous cybersecurity approach to effective risk management (including contingency planning, outlining immediate actions, and preparing post-breach responses) is central to defending organizations’ interconnected computer systems, networks, and infrastructure resources from malicious cyber-attacks. Specifically, cybersecurity technologies, processes, and practices need to be generalized and applied to intrusion detection and prevention measures. This entails analyzing profiles of cyber-attackers and building cyber-attack models for behavior simulation that can effectively counter such attacks.

This comprehensive volume aims to cover all essential aspects of cybersecurity in digital transformation and to provide a framework for considering the many objectives and requirements involved. In addition to introducing theoretical foundations, the work also offers practical techniques for defending against malicious cybercriminals.

Topics and features:

- Explores cybersecurity’s impact on the dynamics of interconnected, complex cyber- and physical systems, infrastructure resources, and networks
- Provides numerous examples of applications and best practices
- Considers methods that organizations can use to assess their cybersecurity awareness and/or strategy
- Describes anomaly intrusion detection, a key tool in thwarting both malware and theft (whether by insiders or external parties) of corporate data
- Addresses cyber-attacker profiles, cyber-attack models and simulation, cybersecurity ontology, access-control mechanisms, and policies for handling ransomware attacks
- Discusses the NIST Cybersecurity Framework, MITRE Adversarial Tactics, Techniques and Common Knowledge, CIS Critical Security Controls, and the ISA/IEC 62443 Cybersecurity Standard

Gathering all the relevant information, this practical guide is eminently suitable as a self-study resource for engineers, scientists, computer scientists, and chief information officers. Further, with its many examples of best practices, it can serve as an excellent text for graduate-level courses and research into cybersecurity.

Dietmar P. F. Möller, a retired full professor, is affiliated with the Institute for Mathematics at Clausthal University of Technology, Germany. He was an author of several other Springer titles, including Guide to Automotive Connectivity and Cybersecurity.

Author(s): Dietmar P. F. Möller
Series: Advances in Information Security; 103
Publisher: Springer
Year: 2023

Language: English
Pages: 421

Foreword
Preface
Contents
Chapter 1: Cybersecurity in Digital Transformation
1.1 Digital Transformation
1.2 Emerging Technologies in Digital Transformation
1.2.1 Artificial Intelligence
1.2.2 Additive Manufacturing
1.2.3 Augmented Reality
1.2.4 Autonomous Robots
1.2.5 Big Data and Analytics
1.2.6 Blockchain
1.2.7 Cloud Computing and Services
1.2.8 Edge- and Fog Computing
1.2.9 Internet of Things
1.2.10 Industrial Internet of Things
1.2.11 Fiber Optics
1.2.12 Machine Learning
1.2.13 Machine-to-Machine Communication
1.2.14 Network-as-a-Service
1.2.15 Network Virtualization
1.2.16 Network Function Virtualization
1.2.17 Simulation and the Digital Twin
1.2.18 Software Defined Network
1.2.19 Wireless Sensor Networks
1.2.20 5G and 6G
1.3 Challenges in Digital Transformation
1.4 Applications in Digital Transformation
1.5 Leadership in Digital Transformation
1.6 Cybersecurity
1.6.1 Introduction to Cybersecurity
1.6.2 CIA Triad
1.6.3 Cybersecurity Is Still Paramount
1.7 Digital Transformation and Circular Economy
1.8 Exercises
1.8.1 Digital Transformation
1.8.2 Cybersecurity
1.8.3 Circular Economy
References
Chapter 2: Threats and Threat Intelligence
2.1 Threats
2.1.1 Threat Events and Threat Intensions
2.1.2 Threat Event Types
2.1.3 Cybersecurity Residual Risk Rating, Likelihood, and Consequence Levels
2.1.4 Cybersecurity Risk Management and Quantifying Cybersecurity Risk
2.2 Threat Intelligence
2.2.1 Problem of Known-Knowns, Known-Unknowns, and Unknown-Unknowns
2.2.2 Digital Forensic and Threat Intelligence Platforms
2.2.3 Threat Event Profiling, Threat Intelligence, Threat Lifecycle
2.2.4 Threat Intelligence Sharing and Management Platforms
2.3 Exercises
2.3.1 Threats
2.3.2 Threat Intelligence
References
Chapter 3: Intrusion Detection and Prevention
3.1 Intrusion Detection
3.1.1 Significant Intrusion Detection Methods
3.1.2 Anomaly-Based Intrusion Detection
3.1.3 Misuse-Based Intrusion Detection
3.1.4 Disadvantages of Anomaly and Misuse Intrusion Detection
3.1.5 Specification-Based Intrusion Detection
3.1.6 Intrusion Type Characteristics and Detection
3.1.7 Intrusion Detection System Architecture
3.2 Pre-processing in Intrusion Detection Systems
3.3 Intrusion Detection Capability Metric
3.4 Intrusion Prevention
3.4.1 Intrusion Prevention System
3.4.2 Intrusion Prevention System Architecture
3.5 Intrusion Detection and Prevention System Architecture
3.6 Intrusion Detection and Prevention Methods
3.7 Exercises
3.7.1 Intrusion Detection
3.7.2 Intrusion Prevention
References
Chapter 4: Cyberattacker Profiles, Cyberattack Models and Scenarios, and Cybersecurity Ontology
4.1 Introduction
4.1.1 Cyberattacker Profiles
4.2 Cyberattack Models and Scenarios
4.2.1 Modeling Formalisms
4.2.2 Generic Cyberattack Models
4.2.3 Generic Intent-Based Cyberattacker Models
4.3 Cyberattacker Behavior Modeling
4.3.1 Generic Cyberattacker Behavior Modeling
4.3.2 Cyberattacker Simulation Model
4.4 Cybersecurity Ontology
4.4.1 Introduction to Ontology
4.4.1.1 Ontology Types
4.4.2 Cybersecurity Ontology
4.4.2.1 Generic Cybersecurity Data Space Ontology Framework
4.4.2.2 Cyberattack Ontology Model
4.5 Exercises
References
Chapter 5: NIST Cybersecurity Framework and MITRE Cybersecurity Criteria
5.1 Cybersecurity Frameworks
5.1.1 CIS Critical Security Controls
5.1.2 ISA/IEC 62443-Cybersecurity Standard
5.1.3 MITRE Adversarial Tactics, Techniques, and Common Knowledge
5.1.4 NIST 800-53
5.1.5 NIST Cybersecurity Framework
5.2 NIST Cybersecurity Framework Critical Infrastructure
5.2.1 NIST CSF Critical Infrastructure Best Practice Example
5.3 MITRE Cybersecurity Criteria
5.4 MITRE Cybersecurity Taxonomy
5.5 Exercises
5.5.1 NIST CSF
5.5.2 MITRE ATT&CK
References
Chapter 6: Ransomware Attacks and Scenarios: Cost Factors and Loss of Reputation
6.1 Introduction
6.2 Ransomware Attacks
6.2.1 Introduction in Ransomware Attack Scenarios
6.2.2 Ransomware Attacks on Operational Technology Systems
6.3 Costs of a Ransomware Attack
6.3.1 Recovery Point Objective in Disaster Recovery
6.3.2 Recovery Time Objective in Disaster Recovery
6.3.3 Design of Recovery Point Objective and Recovery Time Objective in Disaster Recovery
6.4 Loss of Reputation and Its Prevention
6.5 Exercises
References
Chapter 7: Cybersecurity Maturity Models and SWOT Analysis
7.1 Introduction
7.2 Maturity Index and Maturity Models
7.2.1 Maturity Index
7.2.2 Maturity Models
7.2.3 Maturity Models After ISO 9004:2008
7.3 Cybersecurity Maturity Models
7.4 Cybersecurity Maturity Best Practice Model Example
7.5 SWOT Analysis
7.5.1 Introduction to SWOT Analysis
7.5.2 SWOT Analysis Best Practice Examples
7.5.2.1 Company Analysis
7.5.2.2 Cybersecurity SWOT Analysis
7.6 Exercises
7.6.1 Maturity Models
7.6.2 SWOT Analysis
References
Chapter 8: Machine Learning and Deep Learning
8.1 Introduction
8.1.1 Classical Machine Learning Techniques
8.1.1.1 Supervised Machine Learning
8.1.1.2 Unsupervised Machine Learning
8.1.1.3 Reinforcement Machine Learning
8.1.1.4 Comparison of Machine Learning Methods
8.2 Machine Learning and Cybersecurity
8.2.1 Machine Learning Examples in Cybersecurity
8.2.1.1 Machine Learning-Based Intrusion Detection in Industrial Applications
8.2.1.2 Machine Learning-Based Intrusion Detection Using Feature Learning
8.2.1.3 Machine Learning-Based Intrusion Detection of Unknown Cyberattacks
8.3 Introduction to Deep Learning
8.3.1 Classification of Deep Learning Methods
8.3.2 Deep Bayesian Neural Network
8.3.3 Deep Learning-Based Intrusion Detection System
8.4 Deep Learning Method Example in Cybersecurity
8.5 Exercises
8.5.1 Machine Learning
8.5.2 Deep Learning
References
Glossary
Index