Threat forecasting : leveraging big data for predictive analysis / [electronic resource]
John Pirc, David DeSanto, Iain Davison, Will Gragido.
- 1 online resource
Includes index.
Includes bibliographical references and index.
Front Cover; Threat Forecasting: Leveraging Big Data for Predictive Analysis; Copyright; Contents; About the Authors; Foreword; Why Threat Forecasting is Relevant; What You Will Learn and How You Will Benefit; Preface; Book Organization and Structure; Closing Thoughts; Acknowledgments; Chapter 1: Navigating Todays Threat Landscape; Introduction; Why Threat Forecasting; The Effects of a Data Breach; Barriers to Adopting Threat Forecasting Practices; Going Beyond Historical Threat Reporting; Timing; Generalization; The State of Regulatory Compliance; Industry Specific Guidelines. Healthcare InstitutionsFinancial Institutions; Cyber Security Information Sharing Legislation: Watch this Space; Best Practices, Standards, and Frameworks; PCI DSS; NIST Cyber Security Framework; Defense in Depth; Tier 1 Security Technologies; Tier 2 Security Technologies; Update and Evaluate Security Products and Technologies; Cyber Security and the Human Factor; Today's Information Assurance Needs; Chapter 2: Threat Forecasting; Synopsis; Introduction; Threat Forecasting; Dangers of Technology Sprawl; High Speed Big Data Collection and Surveillance; Threat Epidemiology. High Frequency Security AlgorithmsSummary; Chapter 3: Security Intelligence; Synopsis; Introduction; Security Intelligence; Information Vetting; KPIs; Programs; Scripts; Shortcuts; Other; Office Macros; Do It Yourself (DIY) Security Intelligence; Build; Buy; Partner; Key Indicator Attributes; Dissemination of Intelligence; Summary; Chapter 4: Identifying Knowledge Elements; Synopsis; Introduction; Defining Knowledge Elements; Intelligence Versus Information; A Quick Note About the Signal-to-Noise Ratio Metaphor; A Brief Note on IOCs and IOIs. Identifying Something Important Through the Use of IOAs, IOCs, and IOIsTypes of Knowledge Elements; IOA or Pre-attack Indicators; Indicators of Compromise; Indicators of Interest; Publicly Defined Knowledge Elements; OpenIOC; How It Works; How Do You Get It; Incident Object Description Exchange Format (RFC5070); IODEF Data Model; IODEF Implementation; IOCBucket.com; Cyber Observable eXpression; Summary; Chapter 5: Knowledge Sharing and Community Support; Synopsis; Introduction; Sharing Knowledge Elements; Advantages; Disadvantages; Community Sharing; VERIS; OpenIOC; TAXII; STIX; CybOX. Commercial OfferingsStaying Ahead of the Adversary; Summary; Chapter 6: Data Visualization; Synopsis; Introduction; Common Methods; Big Data Analytics; Interactive Visualization; Not Just For the Boardroom; Summary; Chapter 7: Data Simulation; Synopsis; Introduction; Traffic Simulation vs Emulation; Environmental; Flow; Data Sandboxes; Analytic Engines; Quantum Computing; Summary; Chapter 8: Kill Chain Modeling; Synopsis; Introduction; Key Components of Kill Chain Modeling; Leveraging Big Data; Tools Available; Maltego; Splunk; OpenGraphiti; Creation of Data Files; STIX; Kill Chains in STIX.
This book discusses the danger of using historic data as the basis for predicting future breaches, how to use security intelligence as a tool to develop threat forecasting techniques, and how to use threat data visualization techniques and threat simulation tools.
9780128004784 0128004789 0128000066 9780128000069
9780128000069
Computer security.
Big data.
COMPUTERS--Security--Networking.
Big data.
Computer security.
Electronic books.
QA76.9.A25
005.8
Includes index.
Includes bibliographical references and index.
Front Cover; Threat Forecasting: Leveraging Big Data for Predictive Analysis; Copyright; Contents; About the Authors; Foreword; Why Threat Forecasting is Relevant; What You Will Learn and How You Will Benefit; Preface; Book Organization and Structure; Closing Thoughts; Acknowledgments; Chapter 1: Navigating Todays Threat Landscape; Introduction; Why Threat Forecasting; The Effects of a Data Breach; Barriers to Adopting Threat Forecasting Practices; Going Beyond Historical Threat Reporting; Timing; Generalization; The State of Regulatory Compliance; Industry Specific Guidelines. Healthcare InstitutionsFinancial Institutions; Cyber Security Information Sharing Legislation: Watch this Space; Best Practices, Standards, and Frameworks; PCI DSS; NIST Cyber Security Framework; Defense in Depth; Tier 1 Security Technologies; Tier 2 Security Technologies; Update and Evaluate Security Products and Technologies; Cyber Security and the Human Factor; Today's Information Assurance Needs; Chapter 2: Threat Forecasting; Synopsis; Introduction; Threat Forecasting; Dangers of Technology Sprawl; High Speed Big Data Collection and Surveillance; Threat Epidemiology. High Frequency Security AlgorithmsSummary; Chapter 3: Security Intelligence; Synopsis; Introduction; Security Intelligence; Information Vetting; KPIs; Programs; Scripts; Shortcuts; Other; Office Macros; Do It Yourself (DIY) Security Intelligence; Build; Buy; Partner; Key Indicator Attributes; Dissemination of Intelligence; Summary; Chapter 4: Identifying Knowledge Elements; Synopsis; Introduction; Defining Knowledge Elements; Intelligence Versus Information; A Quick Note About the Signal-to-Noise Ratio Metaphor; A Brief Note on IOCs and IOIs. Identifying Something Important Through the Use of IOAs, IOCs, and IOIsTypes of Knowledge Elements; IOA or Pre-attack Indicators; Indicators of Compromise; Indicators of Interest; Publicly Defined Knowledge Elements; OpenIOC; How It Works; How Do You Get It; Incident Object Description Exchange Format (RFC5070); IODEF Data Model; IODEF Implementation; IOCBucket.com; Cyber Observable eXpression; Summary; Chapter 5: Knowledge Sharing and Community Support; Synopsis; Introduction; Sharing Knowledge Elements; Advantages; Disadvantages; Community Sharing; VERIS; OpenIOC; TAXII; STIX; CybOX. Commercial OfferingsStaying Ahead of the Adversary; Summary; Chapter 6: Data Visualization; Synopsis; Introduction; Common Methods; Big Data Analytics; Interactive Visualization; Not Just For the Boardroom; Summary; Chapter 7: Data Simulation; Synopsis; Introduction; Traffic Simulation vs Emulation; Environmental; Flow; Data Sandboxes; Analytic Engines; Quantum Computing; Summary; Chapter 8: Kill Chain Modeling; Synopsis; Introduction; Key Components of Kill Chain Modeling; Leveraging Big Data; Tools Available; Maltego; Splunk; OpenGraphiti; Creation of Data Files; STIX; Kill Chains in STIX.
This book discusses the danger of using historic data as the basis for predicting future breaches, how to use security intelligence as a tool to develop threat forecasting techniques, and how to use threat data visualization techniques and threat simulation tools.
9780128004784 0128004789 0128000066 9780128000069
9780128000069
Computer security.
Big data.
COMPUTERS--Security--Networking.
Big data.
Computer security.
Electronic books.
QA76.9.A25
005.8