
You're reading from A CISO Guide to Cyber Resilience

Product type: Book
Published in: Apr 2024
Publisher: Packt
ISBN-13: 9781835466926
Edition: 1st Edition
Author

Debra Baker

Debra Baker has 30 years of experience in Information Security. As CEO of TrustedCISO, Debra provides strategic cybersecurity CISO Advisory Services. She has an AI first startup aiming to power through the pain of Third Party Vendor Assessment and Compliance. Previously, Debra was CISO at RedSeal where she led the security program successfully getting SOC2 Type 2. Previously, she served as Regulatory Compliance Manager at Cisco. While at Cisco she founded the cryptographic knowledge base, CryptoDoneRight in collaboration with Johns Hopkins University. Debra was named one of the top 100 Women in Cybersecurity, "Women Know Cyber: 100 Fascinating Females Fighting Cybercrime."

Preface

Greetings, fellow cybersecurity enthusiasts! Welcome to the world of cyber resilience, where the goal is to build a security program that enables your organization to not only withstand cyber-attacks but also to recover swiftly. As the United States Department of Homeland Security aptly defines it, cyber resiliency is the “ability to resist, absorb, recover from or successfully adapt to adversity or a change in conditions.” [1] It’s not just a process; it’s an ultimate state of readiness. An organization achieves resilience when it can bounce back from any disruption, be it a ransomware attack or any other cyber threat, without major disruptions.

In today’s landscape, cyber-attacks are becoming increasingly sophisticated and prevalent. In the book Big Breaches [2], it is highlighted that the root causes of nearly every data breach can be traced to six key factors:

  • Unencrypted data
  • Phishing attacks
  • Malware
  • Third-party vendor compromise
  • Software vulnerabilities
  • Unintended misconfigurations

In this book, we will explore practical safeguards that you can implement immediately to defend against these root causes of data breaches. These safeguards will not only enhance your information security program but also make it cyber-resilient, ready to face the latest threats. We’ll delve into some of the most significant cyber-attacks in recent history and discuss what could have been done to prevent or mitigate their impact. Most importantly, this book will guide you on how to transform your network into a cyber-resilient fortress, ensuring your organization’s ability to recover swiftly from any cyber-attack.

This book takes you on a journey, partly fictional, where you’ll witness a catastrophic cyber attack on BigCo and see how Megan, the Chief Information Security Officer (CISO), responds decisively. Megan’s actions will stop the attack, initiate responses, and put measures in place to prevent future attacks. As the saying goes, it’s not a matter of if your company will be cyber-attacked, but when. Chapters 1 to 10 will provide you with foundational tools to prepare for and respond to cyber-attacks. Chapters 11 to 14 will elevate your company’s IT security program to the next level of cyber resilience. You’ll find step-by-step guidance on implementing the necessary safeguards in your security program, whether your organization is small, medium, or large. Each chapter focuses on a specific safeguard, and the good news is that the steps you’ll learn here not only form the foundation of cyber defense but also assist your organization in meeting various compliance frameworks, standards, and laws while becoming cyber-resilient.

Who this book is for

This book is for CISOs, directors of information security, aspiring CISOs, and cybersecurity professionals at all levels who want to learn how to build a resilient security program. Cybersecurity professionals will uncover valuable insights for enhancing their strategic and operational roles. This book is crafted to serve the following key personas in the cybersecurity field:

  • Cybersecurity leaders and CISOs: As a leader in cybersecurity, you are continuously navigating the evolving threat landscape. You have to balance organizational needs with the budget while defending from the latest threats. This book provides strategies to elevate your leadership by developing and implementing a comprehensive cyber-resilient information security program.
  • Cybersecurity practitioners: Whether you are delving into the cybersecurity arena or looking to deepen your existing expertise, this guide offers a wealth of practical knowledge. From important safeguards to effective risk management techniques, you will gain skills to understand a more holistic view of cybersecurity as well as fortify your role and progress in your career trajectory.
  • IT professionals and support staff: Often the first line of defense in an organization, your role is crucial in maintaining cyber hygiene and resilience. This book equips you with an understanding of common and emerging threats, as well as best practices in response and recovery procedures. Enhance your capabilities in supporting cybersecurity initiatives and excel in roles focused on maintaining organizational cybersecurity.

Each chapter of the CISO Guide to Cyber Resilience includes real-world examples, actionable recommendations, and distilled wisdom from my extensive experience in the field. This book is more than a guide; it’s a companion in your journey toward mastering cyber resilience.

What this book covers

Chapter 1, The Attack on BigCo, explains a ransomware attack on a fictional company, what worked to limit the damage, and how they recovered. It explains what ransomware is, how it can bring down a network, and how to recover.

Chapter 2, Identity and Access Management, explains that 99.99% of account attacks can be prevented by using two-factor authentication (2FA). It also includes a discussion on methods to use for 2FA and password managers, as well as how NIST 160-3 can be successfully utilized.

Chapter 3, Security Policies, explains that security policies are foundational to guide your organization’s security program. It covers how your security policies meet laws and regulations, and the importance of due diligence.

Chapter 4, Security and Risk Management, explains that security and risk management is the process of balancing cyber risks, the controls to thwart attacks, and the budget. Business is about making money. Security and risk management is the process of choosing the controls that work for your company’s budget. Your company can’t be 100% secure, nor can there be 0% risk. Security is a balance of what is most important, what can wait, and what risks are acceptable to your business.

Chapter 5, Secure Your Endpoints, talks about securing your endpoints. At a very basic level, you need an antivirus. Endpoint security has evolved. For getting the basics down, we’ll talk about antivirus and anti-malware. In addition, we will discuss testing your home firewall to ensure it is configured properly.

Chapter 6, Data Safeguarding, explains that good backups are critical. More importantly, ensuring offline backups is paramount to secure your company’s data. We will be discussing the importance of testing backups, leveraging the cloud, and business continuity.

Chapter 7, Security Awareness Culture, explains the importance of developing a security awareness culture. No matter what tools and security controls you have deployed, you still need security awareness training for everyone in your company.

Chapter 8, Vulnerability Management, explains the importance of vulnerability scanning and patching security vulnerabilities. If you stay up to date with the latest threats, you will understand that it’s not easy to keep up with patching all those thousands of vulnerabilities. We’ll be discussing practical strategies to prioritize vulnerability patching, as well as ensuring your source code is secure.

Chapter 9, Asset Inventory, explains the importance of creating an asset inventory. To know what to protect, you have to understand what assets you have, whether they are software, hardware, or ephemeral. An asset inventory is foundational in a cyber-resilient organization. We’ll also discuss mobile device management and knowing your network.

Chapter 10, Data Protection, explains the importance of encrypting your company’s data, whether in transit or at rest. The reason is that if an attacker can gain access to your network or even steal an employee’s laptop, if the data is encrypted, then the data is protected. The most amazing part is that there is no breach if the data stolen is encrypted.

Chapter 11, Taking Your Endpoint Security to the Next Level, explains the importance of moving past the basics and into more advanced safeguards. The latest antivirus is called Endpoint Detection and Response (EDR). It takes the traditional antivirus to the next level. Some even include 24/7 helpdesk support, also known as Managed Detection and Response (MDR). We’ll also demystify Extended Detection and Response (XDR), Cloud Security Posture Management (CSPM), and the Cloud Native Application Protection Program (CNAPP).

Chapter 12, Secure Configuration Baseline, explains the importance of creating a security baseline. Essentially, this is a configuration that is applied across devices, hosts, and the cloud. For the commercial space, the Center for Internet Security (CIS) benchmarks are typically used, whereas for the federal government, it’s the Security Technical Implementation Guides (STIGs).

Chapter 13, Classify Your Data and Assets, explains the importance of classifying your data and assets. A fully developed, mature, advanced information security program has an asset inventory and has classified those specific assets with sensitive data as critical.

Chapter 14, Cyber Resilience in the Age of Artificial Intelligence (AI), explains the importance of cyber resilience in the age of AI. With the rush to use and deploy AI, there are new cybersecurity concerns such as data leakage, use of AI by hackers, and bias in AI. This chapter will discuss responsible AI and measures to take to ensure your company deploys AI in a safe manner.

To get the most out of this book

It is good to have a basic understanding of information security and the cloud before reading this book. I will explain each concept, and each chapter builds on the previous one, providing a roadmap for building a resilient cybersecurity program.

Download templates and the roadmap to cyber resilience

You can download the following templates and my roadmap to cyber resilience from my TrustedCISO website (https://trustedciso.com/e-landing-page/ciso-guide-to-cyber-resilience/):

  • CISO Guide to Cyber Resilience
  • Software evaluation template
  • Encryption template

Conventions used

There are a number of text conventions used throughout this book.

Bold: Indicates important words, commands, topics, or titles. For example, words that need to be taken into consideration, such as in this example: “>nslookup google.com”.

Italics: Emphasizes an important word or topic. An example is “This is a big caution. I can’t recommend not using a complex password.”

Tips or important notes

Appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at customercare@packtpub.com.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, select your book, click on the Errata Submission Form link, and enter the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Share Your Thoughts

Once you’ve read A CISO Guide to Cyber Resilience, we’d love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.

Your review is important to us and the tech community and will help us make sure we’re delivering excellent quality content.

Download a free PDF copy of this book

Thanks for purchasing this book!

Do you like to read on the go but are unable to carry your print books everywhere?

Is your e-book purchase not compatible with the device of your choice?

Don’t worry! Now with every Packt book, you get a DRM-free PDF version of that book at no cost.

Read anywhere, any place, on any device. Search, copy, and paste code from your favorite technical books directly into your application.

The perks don’t stop there. You can get exclusive access to discounts, newsletters, and great free content in your inbox daily.

Follow these simple steps to get the benefits:

  1. Scan the QR code or visit the following link: https://packt.link/free-ebook/9781835466926
  2. Submit your proof of purchase.
  3. That’s it! We’ll send your free PDF and other benefits to your email directly.