Start-Up Secure

Start-Up Secure
Автор книги: id книги: 2031525     Оценка: 0.0     Голосов: 0     Отзывы, комментарии: 0 3398,28 руб.     (36,44$) Читать книгу Купить и скачать книгу Купить бумажную книгу Электронная книга Жанр: Малый бизнес Правообладатель и/или издательство: John Wiley & Sons Limited Дата добавления в каталог КнигаЛит: ISBN: 9781119700753 Скачать фрагмент в формате   fb2   fb2.zip Возрастное ограничение: 0+ Оглавление Отрывок из книги

Реклама. ООО «ЛитРес», ИНН: 7719571260.

Описание книги

Add cybersecurity to your value proposition and protect your company from cyberattacks Cybersecurity is now a requirement for every company in the world regardless of size or industry. Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit covers everything a founder, entrepreneur and venture capitalist should know when building a secure company in today’s world. It takes you step-by-step through the cybersecurity moves you need to make at every stage, from landing your first round of funding through to a successful exit. The book describes how to include security and privacy from the start and build a cyber resilient company. You'll learn the basic cybersecurity concepts every founder needs to know, and you'll see how baking in security drives the value proposition for your startup’s target market. This book will also show you how to scale cybersecurity within your organization, even if you aren’t an expert! Cybersecurity as a whole can be overwhelming for startup founders. Start-Up Secure breaks down the essentials so you can determine what is right for your start-up and your customers. You’ll learn techniques, tools, and strategies that will ensure data security for yourself, your customers, your funders, and your employees. Pick and choose the suggestions that make the most sense for your situation—based on the solid information in this book. Get primed on the basic cybersecurity concepts every founder needs to know Learn how to use cybersecurity know-how to add to your value proposition Ensure that your company stays secure through all its phases, and scale cybersecurity wisely as your business grows Make a clean and successful exit with the peace of mind that comes with knowing your company's data is fully secure Start-Up Secure is the go-to source on cybersecurity for start-up entrepreneurs, leaders, and individual contributors who need to select the right frameworks and standards at every phase of the entrepreneurial journey.

Оглавление

Chris Castaldo. Start-Up Secure

Table of Contents

List of Illustrations

Guide

Pages

Additional praise for Start-Up Secure

Start-Up Secure. Baking Cybersecurity into Your Company from Founding to Exit

Foreword

Preface

WHY WRITE THIS BOOK?

NOTES

Acknowledgments

About the Author

Introduction. ABOUT THIS BOOK

HOW TO USE THIS BOOK

CHAPTER ONE Minimum Security Investment for Maximum Risk Reduction

COMMUNICATING YOUR CYBERSECURITY

EMAIL SECURITY

SECURE YOUR CREDENTIALS

SAAS CAN BE SECURE

PATCHING

Example 1

Example 2

ANTIVIRUS IS STILL NECESSARY BUT GOES BY A DIFFERENT NAME

MOBILE DEVICES

SUMMARY

ACTION PLAN

NOTES

CHAPTER TWO Cybersecurity Strategy and Roadmap Development

WHAT TYPE OF BUSINESS IS THIS?

WHAT TYPES OF CUSTOMERS WILL WE SELL TO?

WHAT TYPES OF INFORMATION WILL THE BUSINESS CONSUME?

WHAT TYPES OF INFORMATION WILL THE BUSINESS CREATE?

WHERE GEOGRAPHICALLY WILL BUSINESS BE CONDUCTED?

BUILDING THE ROADMAP

Opening Statement

Stakeholders

Tactics

Measurability

CASE STUDY

SUMMARY

ACTION PLAN

NOTE

CHAPTER THREE Secure Your Credentials

PASSWORD MANAGERS

PASSPHRASE

MULTI-FACTOR AUTHENTICATION

ENTITLEMENTS

KEY MANAGEMENT

CASE STUDY

SUMMARY

ACTION PLAN

NOTES

CHAPTER FOUR Endpoint Protection

VENDORS

SELECTING AN EDR

MANAGED DETECTION AND RESPONSE

CASE STUDY

SUMMARY

ACTION PLAN

NOTES

CHAPTER FIVE Your Office Network

YOUR FIRST OFFICE SPACE

CO-WORKING SPACES

VIRTUAL PRIVATE NETWORK

SUMMARY

ACTION PLAN

NOTES

CHAPTER SIX Your Product in the Cloud

SECURE YOUR CLOUD PROVIDER ACCOUNTS

PROTECT YOUR WORKLOADS

Patching

Endpoint Protection

SECURE YOUR CONTAINERS

SUMMARY

ACTION PLAN

NOTES

CHAPTER SEVEN Information Technology

ASSET MANAGEMENT

IDENTITY AND ACCESS MANAGEMENT

SUMMARY

ACTION PLAN

CHAPTER EIGHT Hiring, Outsourcing, or Hybrid

CATALYSTS TO HIRING

GET THE FIRST HIRE RIGHT

EXECUTIVE VERSUS INDIVIDUAL CONTRIBUTOR

RECRUITING

JOB DESCRIPTIONS

INTERVIEWING

FIRST 90 DAYS IS A MYTH

SUMMARY

ACTION PLAN

NOTE

CHAPTER NINE Compliance

MASTER SERVICE AGREEMENTS, TERMS AND CONDITIONS, OH MY

PATCH AND VULNERABILITY MANAGEMENT

ANTIVIRUS

AUDITING

INCIDENT RESPONSE

POLICIES AND CONTROLS

CHANGE MANAGEMENT

ENCRYPTION

DATA LOSS PREVENTION

DATA PROCESSING AGREEMENT

SUMMARY

ACTION PLAN

NOTE

CHAPTER TEN Industry and Government Standards and Regulations

OPEN SOURCE. OWASP

Center for Internet Security 20

UNITED STATES PUBLIC. SOC

RETAIL. PCI DSS

SOX

ENERGY, OIL, AND GAS

NERC CIP

ISA-62443-3-3 (99.03.03)-2013

Federal Energy Regulatory Commission

Department of Energy Cybersecurity Framework

HEALTH

HIPAA

HITECH

HITRUST

FINANCIAL

FFIEC

FINRA

NCUA

EDUCATION

FERPA

INTERNATIONAL

International Organization for Standardization (ISO)

UL 2900

GDPR

Privacy Shield

UK Cyber Essentials

UNITED STATES FEDERAL AND STATE GOVERNMENT

NIST

NISPOM

DFARS PGI

FedRAMP

FISMA

NYCRR 500

CCPA

SUMMARY

ACTION PLAN

NOTES

CHAPTER ELEVEN Communicating Your Cybersecurity Posture and Maturity to Customers

CERTIFICATIONS AND AUDITS

QUESTIONNAIRES. Shared Assessments

Cloud Security Alliance

Vendor Security Alliance

SHARING DATA WITH YOUR CUSTOMER

CASE STUDY

SUMMARY

ACTION PLAN

NOTES

CHAPTER TWELVE When the Breach Happens

CYBER INSURANCE

INCIDENT RESPONSE RETAINERS

THE INCIDENT

TABLETOP EXERCISES

SUMMARY

ACTION PLAN

NOTE

CHAPTER THIRTEEN Secure Development

FRAMEWORKS

BSIMM

OpenSAMM

CMMI

MICROSOFT SDL

PRE-COMMIT

INTEGRATED DEVELOPMENT ENVIRONMENT

COMMIT

BUILD

PENETRATION TESTING

SUMMARY

ACTION PLAN

NOTES

CHAPTER FOURTEEN Third-Party Risk

TERMS AND CONDITIONS

SHOULD I REVIEW THIS VENDOR?

WHAT TO ASK AND LOOK FOR

Verify DMARC Settings

Check TLS Certificates

Check the Security Headers of the Website

SUMMARY

ACTION PLAN

NOTE

CHAPTER FIFTEEN Bringing It All Together

Glossary

Index

WILEY END USER LICENSE AGREEMENT

Отрывок из книги

“It's rare to see a cybersecurity guide of any kind that is relevant, current, and, most importantly, cogent and accessible. Chris Castaldo has not only produced such a guide but has tailored it for an audience who has never before received such wisdom in a digestible manner – the startup community. Startups are notoriously fast-moving, and Castaldo's book keeps up with them, showing them the types of practical security controls they need throughout their rapid journey to whatever exit strategy they envision.”

– Allan Alford, CISO/CTO, TrustMAPP and Host of the The Cyber Ranch Podcast

.....

This syncs your phone and the specific account. When you log in with your credentials again you simply open the app and enter the code displayed. There are alternative services to this app, such as Authy. Both of these apps work on iPhone and Android. Large organizations may even employ a physical token that displays a number that changes every 30 seconds. These physical tokens offer a higher degree of security but are more expensive to deploy and maintain.

FIGURE 1.2 Google Titan Security Keys

.....

Добавление нового отзыва

Комментарий Поле, отмеченное звёздочкой  — обязательно к заполнению

Отзывы и комментарии читателей

Нет рецензий. Будьте первым, кто напишет рецензию на книгу Start-Up Secure
Подняться наверх