The Best of TaoSecurity Blog, Volume 1: Milestones, Philosophy and Strategy, Risk, and Advice [1/2, 1 ed.] 9781952809002

Since 2003, cybersecurity author Richard Bejtlich has been writing posts on TaoSecurity Blog, a site with 15 million vie

361 42 452KB

English Year 2020

Report DMCA / Copyright

DOWNLOAD FILE

The Best of TaoSecurity Blog, Volume 1: Milestones, Philosophy and Strategy, Risk, and Advice [1/2, 1 ed.]
 9781952809002

Table of contents :
The Best of TaoSecurity Blog, Volume 1
Title Page
Copyright
Dedication
Epigraph
Preface
Chapter 1. Milestones
Introduction
First Post and Review of BGP Posted
Sguil User Six
Trying New Martial Arts School
Five Years Ago Today...
The Tao of NSM Is Published!
TaoSecurity Visits the Pentagon
Security Responsibilities
Bejtlich Joining General Electric as Director of Incident Response
Bejtlich Cited in Economist
TaoSecurity Blog Wins Best Non-Technical Blog at RSA
Inside a Congressional Hearing on Digital Threats
Become a Hunter
TaoSecurity Blog Wins Most Educational Security Blog
Bejtlich Books Explained
Latest Book Inducted into Cybersecurity Canon
Twenty Years of Network Security Monitoring: From the AFCERT to Corelight
Conclusion
Chapter 2. Philosophy and Strategy
Introduction
Prevention Always Fails
What is the Ultimate Security Solution?
Thoughts on Digital Crime
Further Musings on Digital Crime
How to Misuse an Intrusion Detection System
Soccer Goal Security
Further Thoughts on Engineering Disasters
More on Engineering Disasters and Bird Flu
Thoughts on Patching
Why Prevention Can Never Completely Replace Detection
Analog Security is Threat-Centric
Control-Compliant vs Field-Assessed Security
Of Course Insiders Cause Fewer Security Incidents
National Digital Security Board
Security Is Not Refrigeration
Response to Daily Dave Thread
Incorrect Insider Threat Perceptions
How Many Spies?
What Do I Want
Proactive vs Reactive Security
Taking the Fight to the Enemy
Threat Deterrence, Mitigation, and Elimination
FISMA Dogfights
Fight to Your Strengths
Vulnerability-Centric Security
Threat Model vs Attack Model
Kung Fu Wisdom on Threats
Change the Plane
Does Failure Sell?
Security: Whose Responsibility?
Response: Is Vulnerability Research Ethical?
On Breakership
Humans, Not Computers, Are Intrusion Tolerant
Speaking of Incident Response
Defender's Dilemma vs Intruder's Dilemma
Offense and Defense Inform Each Other
The Centrality of Red Teaming
The Problem with Automated Defenses
Incident Detection Mindset
Protect the Data Idiot!
Protect the Data from Whom?
Protect the Data -- Where?
Protect the Data -- What Data?
Cyberwar Is Real
Over Time, Intruders Improvise, Adapt, Overcome
Redefining Breach Recovery
Forcing the Adversary to Pursue Insider Theft
Know Your Limitations
Seven Security Strategies, Summarized
Conclusion
Chapter 3. Risk
Introduction
The Dynamic Duo Discuss Digital Risk
Calculating Security ROI Is a Waste of Time
Ripping Into ROI
SANS Confuses Threats with Vulnerabilities
Risk, Threat, and Vulnerability 101
Cool Site Unfortunately Miscategorizes Threats
BBC News Understands Risk
Organizations Don't Remediate Threats
Return on Security Investment
Risk Mitigation
Three Threats
Security Is Still Loss Avoidance
No ROI for Security or Legal
Are the Questions Sound?
Bank Robber Demonstrates Threat Models
No ROI? No Problem
Security ROI Revisited
Glutton for ROI Punishment
Is Digital Security "Risk" a Knightian Uncertainty?
Vulnerabilities in Perspective
More Threat Reduction, Not Just Vulnerability Reduction
Unify Against Threats
Risk Assessment, Physics Envy, and False Precision
Attack Models in the Physical World
Conclusion
Chapter 4. Advice
Introduction
CISSP: Any Value?
My Criteria for Good Technical Books
What the CISSP Should Be
Answering Penetration Testing Questions
No Shortcuts to Security Knowledge
Starting Out in Digital Security
Reading Tips
Security in the Real World
What Should the Feds Do
Why Digital Security?
US Needs Cyber NORAD
Controls Are Not the Solution to Our Problem
Answering Reader Questions
Getting the Job Done
Is Experience the Only Teacher in Security?
Why Blog?
Defining the Win
Advice to Bloggers
How Much to Spend on Digital Security
Partnerships and Procurement Are Not the Answer
Everything I Need to Know About Leadership I Learned as a Patrol Leader
Stop Killing Innovation
All Reading Is Not Equal or Fast
Answering Questions on Reading Tips
Five Qualities of Real Leadership
I Want to Detect and Respond to Intruders But I Don't Know Where to Start!
Understanding Responsible Disclosure of Threat Intelligence
Don't Envy the Offense
How to Answer the CEO and Board Attribution Question
My Federal Government Security Crash Program
Notes on Self-Publishing a Book
Managing Burnout
COVID-19 Phishing Tests: WRONG
When You Should Blog and When You Should Tweet
Conclusion
Afterword
Books By This Author
About The Author
Version History

Polecaj historie