Index

  • A
  • access, determining, 165
  • access reviews, 69
  • alert fatigue, 100
  • API keys, 79
  • application programming interfaces (APIs), 109–110, 115, 162
  • applications
    • application logs, 50, 54
    • cloud, 103–116
    • deploying, 113
    • legacy, 65
    • scalability of, 113
    • security of, 83
  • B
  • badges, 39
  • BAS (breach and attack simulation), 155
  • best of breed, 26
  • best practices, 46
  • blind spots, 95, 105, 114–115
  • blue team, 134
  • Box, 114
  • breach and attack simulation (BAS), 155
  • buffer overflows, 144
  • bug bounty programs, 85
  • Business Continuity Plan (BCP), 28, 46
  • Business Impact Assessment (BIA), 28
  • business outcomes, 165
  • C
  • CAIQ (Consensus Assessments Initiative Questionnaire), 106
  • cameras, 161
  • Capability Maturity Model, 154, 163, 167
  • card reader, 30, 31, 33, 34, 36, 38, 39–41, 161
  • CASB (Cloud Access Security Broker), 95, 107, 114, 162
  • CCPA, 71
  • Centola, Damon, 130
  • challenge questions, 65
  • Chang, Donna, 5
  • CI/CD (continuous integration and continuous delivery), 76–77, 79
  • Cloud Access Security Broker (CASB), 95, 107, 114, 162
  • cloud apps, 103–116
  • cloud logging, 95
  • cloud security, 120
  • Cloud Security Alliance, 106, 115, 120
  • cloud services, 162
  • CMDB tools, 100
  • code review, 82
  • collaboration tools, 122, 123
  • compliance, 26
  • compliance-management mechanisms, 50, 54
  • Consensus Assessments Initiative Questionnaire (CAIQ), 106
  • Consumer Identity and Access Management, 161
  • container checks, 111
  • containment, 32, 163
  • Containment, Eradication, and Recovery phase, of NIST SP 800-61 incident response life cycle, 99–100
  • containment, measuring, 96, 101
  • continuous integration and continuous delivery (CI/CD), 76–77, 79
  • contracts, 106
  • Covey, Stephen M. R.
    • The Speed of Trust, 131
  • credentialed scan, 145, 148–149
  • cross-site scripting (XSS), 84–85, 114–115
  • culture of security. See sustainable culture
  • Cunningham, Chase, 7
  • Curphey, Mark, 78
  • cyber insurance carrier, 142–143
  • D
  • data, applications, assets, and services (DAAS) elements, 165, 167
  • data-driven decisions, 44
  • deception technologies, 155
  • defense in depth, 26
  • Defined stage
    • of Capability Maturity Model, 163
    • of Zero Trust Maturity Model, 168–170
  • deploying applications/services, 113
  • DevOps, 73–85, 161
  • disaster recovery tools, 100
  • Docker, 84
  • E
  • emulation tools, 155
  • Equifax, 115–116
  • ERP change control, 49, 54
  • ERP systems, 50, 52, 53, 54, 161
  • error pages, 108
  • Experian, 115–116
  • F
  • Facebook, 115
  • false positives, 135
  • feedback loop, 101
  • firewalls, 32, 80
  • fog of war, 149
  • Forrester, 54
  • G
  • Gartner, 54
  • General Data Protection Regulation (GDPR), 59–60, 71
  • Google, 54
  • Groves, Dennis, 78
  • H
  • HIPAA, 71
  • honeypots, 96, 157
  • honeytokens, 96
  • hotwash, 143
  • human behavior, 130
  • I
  • IaC (infrastructure as code), 81
  • identity
    • about, 50
    • as a cornerstone, 57–72
    • importance of, 161
  • Identity Defined Security Alliance (IDSA), 69, 72
  • incident management, 41
  • incident response (IR) process, 97, 99, 100, 101–102
  • Information Security Advisory Council (ISAC), 123
  • infrastructure as code (IaC), 81
  • Initial stage
    • of Capability Maturity Model, 163
    • of Zero Trust Maturity Model, 168–170
  • inside-out design, 109
  • intellectual property, 76
  • internal network, 32
  • inventory, 160
  • IoT devices, 144, 148
  • IP addresses, 88–89, 123–124
  • IR (incident response) process, 97, 99, 100, 101–102
  • ISAC (Information Security Advisory Council), 123
  • ISO 27001, 98
  • J
  • Jacobson, Lenore, 131
  • L
  • legacy applications, 65
  • live-fire drill, 135, 148
  • Lockheed Martin Cyber Kill Chain, 59
  • M
  • Managed Security Service Provider (MSSP), 91, 93, 101, 161–162
  • Managed stage
    • of Capability Maturity Model, 163
    • of Zero Trust Maturity Model, 168–170
  • Master Scenario Events List (MSEL), 135, 147, 171–177
  • maturity model, 163
  • memory-safe IoT programming language, 144
  • MFA (multifactor authentication), 64–65, 68, 107–108, 113, 123
  • microsegmentation, 40–41
  • MITRE ATT&CK framework, 94, 96, 156
  • MITRE Engage framework, 156–157
  • monitoring, 68–69, 95, 166, 170
  • MSEL (Master Scenario Events List), 135, 147, 171–177
  • MSSP (Managed Security Service Provider), 91, 93, 101, 161–162
  • multifactor authentication (MFA), 64–65, 68, 107–108, 113, 123
  • N
  • National Institute of Standards and Technology (NIST)
    • definition of Zero Trust (ZT), 55
    • NIST Cybersecurity Framework, 98, 99, 102
    • SP 800-53, 98
    • SP 800-61, 99, 102
    • SP 800-84 Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities, 135, 147, 171
    • SP 800-171, 98
    • SP 800-207, 51, 54–55, 108, 109, 114, 161
    • Zero Trust network view, 52
  • Network Detection and Response (NDR) tools, 95
  • network segmentation, 80
  • network-based detection, 95
  • networked devices, 40
  • O
  • OneDrive, 107, 114
  • Open Supervised Device Protocol (OSDP), 34
  • Open Web Application Security Project (OWASP), 77–78, 79, 84, 109, 114–115
  • Optimized stage
    • of Capability Maturity Model, 163
    • of Zero Trust Maturity Model, 168–170
  • OSDP (Open Supervised Device Protocol), 34
  • OWASP (Open Web Application Security Project), 77–78, 79, 84, 109, 114–115
  • P
  • PAM (privileged access management), 64
  • Park, Chun, 117
  • Parler, 115
  • password vault, 124
  • passwords
    • reusing, 124
    • storing, 83
  • patches, 47, 76–77, 101–102
  • Peloton, 115
  • people, as the weakest link, 131, 162
  • perimeter security, 31–33
  • The Phoenix Project, 76
  • physical security, 31–33, 39, 160–161
  • policy enforcement point, 108–109
  • policy engine, 114
  • port scan, 148
  • privileged access management (PAM), 64
  • problem management, 41
  • protect surfaces, 93, 97, 98, 100, 104, 105, 113, 120, 128, 154, 163, 165, 166, 168
  • provisioning accounts, 60–63
  • proximity badges, 40
  • proximity card system, 33
  • PsExec, 89, 90
  • purchase orders, 106
  • purple team, 134
  • Pygmalion effect, 127, 131
  • R
  • RBAC (role-based access control), 80
  • reauthentication, 66
  • red herrings, 149
  • red team, 134
  • Repeatable stage
    • of Capability Maturity Model, 163
    • of Zero Trust Maturity Model, 168–170
  • RFID cloner, 39
  • rightsizing exercise, 154
  • risk register, 160, 163
  • role cleanup, 68
  • role-based access control (RBAC), 80
  • Rosenthal, Robert, 131
  • Rust, 144
  • S
  • SaaS (software-as-a-service), 106–107, 115
  • Salesforce, 114
  • scalability, of applications/services, 113
  • SDP (software-defined perimeter), 108–109, 114
  • secondary attack surface, 32
  • Secure Access Service Edge (SASE), 109, 110, 114
  • security
    • cloud, 120
    • as code, 110–111
    • perimeter, 31–33
    • physical, 31–33, 39, 160–161
  • security awareness training, 125, 130
  • security dongle, 139
  • security guards, 41
  • security information and event management (SIEM) system, 53, 69
  • security minute, 124–125
  • Security Operations Center (SOC), 87–102, 161–162
  • security orchestration system, 93, 94
  • Security Service Edge (SSE), 109
  • segmentation, 145
  • shadow IT, 113–114
  • Shared Assessments, 115
  • SharePoint, 107, 114, 130
  • Shift Left philosophy, 94
  • SIEM (security information and event management) system, 53, 69
  • SIM-jacking, 60
  • Single Sign-On (SSO), 83, 122–123
  • Slack, 130
  • SOC (Security Operations Center), 87–102, 161–162
  • software-as-a-service (SaaS), 106–107, 115
  • software-defined perimeter (SDP), 108–109, 114
  • SolarWinds breach, 65–66
  • specialized programming languages, 49, 54
  • The Speed of Trust (Covey), 131
  • SQL injection, 78, 84–85, 114–115
  • SSE (Security Service Edge), 109
  • SSO (Single Sign-On), 83, 122–123
  • standards, 110–111, 147
  • strategy, Zero Trust as a, 13–28
  • sustainable culture, 117–131
  • T
  • tabletop exercise, 133–149, 162
  • tactics, techniques, and procedures (TTPs), 100–101, 156
  • teams, implementing, 160
  • technology silos, 159
  • telemetry, 166
  • traditional vulnerability management tools, 49, 54
  • traffic
    • inspecting and logging, 165
    • unknown, 160
  • transaction flow matrix chart, 154–155
  • transaction flows, 36–37, 39, 47–49, 166, 169
  • trust
    • compared with Zero Trust, 10–11
    • as a vulnerability, 29–41
  • TTPs (tactics, techniques, and procedures), 100–101, 156
  • U
  • UEBA, 52, 69
  • uncredentialed scan, 145
  • unknown traffic, 160
  • V
  • Vega, Victor, 73
  • vendors, 106
  • Verizon Data Breach Investigations Report (2021), 163
  • virtual local area network (VLAN), 40
  • vulnerability, trust as a, 29–41
  • vulnerability scanning server, 144–145, 148–149
  • W
  • web application firewalls (WAFs), 80–81, 84–85, 107–108, 109, 114–115, 162
  • wellness program, 125–126
  • X
  • XSS (cross-site scripting), 84–85, 114–115
  • Z
  • Zero Trust (ZT)
    • architecture for, 166, 169
    • case for, 1–11
    • challenges of, 56
    • compared with trust, 10–11
    • defined, 55
    • design principles, 16, 18, 27, 30–31, 51, 92, 159, 165
    • DevOps, 73–85
    • implementation curve, 27–28
    • methodology, 18, 27, 159, 166
    • policy for, 166, 170
    • SOC, 87–102
    • as a strategy, 13–28
    • sustainable culture, 117–131
    • tabletop exercise, 133–149
    • tenets of, 55
    • trap to, 131
  • Zero Trust Enterprise (ZTE), 55
  • Zero Trust Maturity Model, 153–154, 167–170