US $5.63
Cybersecurity in the 21-st Century: Main directions of provision of cybersecurity
Author: Anatoly Belous
Year: December 9, 2020
Format: PDF
File size: PDF 2.4 MB
Language: English
This chapter is dedicated to a detailed consideration of the main strategic directions and the most effective methods of cybersecurity provision. Let us recall that cybersecurity is most commonly defined as strategic actions aimed at the protection of information and communications with the help of a number of advanced instruments, policies and processes. Given the constantly changing landscape of cyberthreats, the directions, concepts and methods are also improving, responding to changes in the types and character of newly emerging cyberthreats. But while a direction such as pentest is fairly widely covered in scientific and technical publications and social media (Codeby, etc.), much less attention is paid to Red Teaming and Blue Teaming, even though RedTeam and BlueTeam methods appeared much earlier than pentest. Ancient Chinese emperors used the following principle: in order to provide the best protection from the enemy, you need to attack your own army using various methods, both to find weak spots in the defense that could be protected in a better way and to train the attacking skills of your warriors. The chapter contains basic definitions of the main methods of cybersecurity, specifics of the organization of Red Teaming, Blue Teaming and other "colored" teams, concepts and scenarios of modern "colored" combat, and features of the organization of "cyberdrills" - imitation of targeted attacks as a security assessment method. The chapter examines a new and rapidly developing direction of cybersecurity - Threat Hunting - as a proactive method of cyber defence. An analysis of the concept of this method is given, as well as a description of the most popular software and hardware tools. In addition, this chapter contains an overview of the MITRE ATT&CK database, popular among cybersecurity specialists: its construction paradigm and descriptions of typical projects using it.
The chapter ends with a section dedicated to SIEM as an important component in standard architecture of modern cyber purposes, tasks of main and additional functions and performance comparison of the most popular SIEM options. Special attention is paid to correlation as an important process of matching events and logs. Principles of building the Gartner Magic Quadrant and examples of it are considered.