
Author: Mariano Mattei
Publisher: Manning Publications
Year: 2025
Pages: 353
Language: English
Format: pdf (true)
Size: 47.3 MB
Measure, improve, and communicate the value of your security program.
Every business decision should be driven by data—and cyber security is no exception. In Data-Driven Cybersecurity, you'll master the art and science of quantifiable cybersecurity, learning to harness data for enhanced threat detection, response, and mitigation. You’ll turn raw data into meaningful intelligence, better evaluate the performance of your security teams, and proactively address the vulnerabilities revealed by the numbers.
Data-Driven Cybersecurity will teach you how to:
• Align a metrics program with organizational goals
• Design real-time threat detection dashboards
• Apply predictive cybersecurity using AI and machine learning
• Perform data-driven incident response
• Apply the ATLAS methodology to reduce alert fatigue
• Create compelling metric visualizations
Data-Driven Cybersecurity teaches you to implement effective, data-driven cybersecurity practices—including utilizing AI and machine learning for detection and prediction. Throughout, the book presents security as a core part of organizational strategy, helping you align cyber security with broader business objectives. If you’re a CISO or security manager, you’ll find the methods for communicating metrics to non-technical stakeholders invaluable.
AI is a broad term that encompasses various technologies, including Machine Learning (ML), natural language processing (NLP), and Generative AI with Large Language Models (LLMs). In cybersecurity, AI is leveraged to identify complex patterns and correlations that human analysts might overlook. When trained on high-quality historical and real-time data, Machine Learning models can recognize subtle indicators of compromise, enabling predictive security measures.
However, AI models are only as effective as the data they are trained on and the algorithms that power them. Poor quality, biased, or incomplete data can lead to false positives, missed threats, or misleading insights. Likewise, AI decision-making algorithms must be carefully designed, tested, and validated to avoid errors that could undermine security efforts.
The good news is that you don’t need to build AI algorithms from scratch. Many open-source libraries and frameworks—such as Scikit-learn, TensorFlow, and PyTorch—already provide pre-built models for cybersecurity applications. The key tasks are to collect high-quality, representative data, ensure AI systems are learning the right patterns, and continuously monitor and refine outputs to maintain effectiveness in an evolving threat landscape.
Generative AI isn’t limited to proprietary platforms. Open-source tools like LM Studio and Ollama offer robust solutions for organizations looking to integrate AI while maintaining control over their data and infrastructure. LM Studio is a powerful desktop application designed to run large language models (LLMs) locally on your machine. It supports popular models like LLaMA, Falcon, and GPT-J, allowing you to fine-tune and query them without relying on external servers. This is particularly useful in industries where data privacy is paramount.
In Data-Driven Cybersecurity: Reducing risk with proven metrics, I share the lessons I’ve learned across fintech, biotechnology, pharmaceuticals, and beyond. The book begins with foundational topics: what constitutes a good security metric, how to align cyber security goals with broader business objectives, and the dos and don’ts of a robust security management program. As you move forward, you’ll discover hands-on examples of Python and Jupyter Notebooks that make collecting and visualizing metrics straightforward—no advanced coding knowledge is required. For those looking to push the envelope, I also discuss advanced statistical methods, machine learning approaches, and even generative AI techniques that can forecast potential threats and anomalies in real time.
Foreword by Joseph Steinberg.
About the technology
A data-focused approach to cybersecurity uses metrics, analytics, and automation to detect threats earlier, respond faster, and align security with business goals.
About the book
Data-Driven Cybersecurity shows you how to turn complex security metrics into evidence-based security practices. You’ll learn to define meaningful KPIs, communicate risk to stakeholders, and turn complex data into clear action. You’ll begin by answering the important questions: what makes a “good” security metric? How can I align security with broader business objectives? What makes a robust data-driven security management program? Python scripts and Jupyter notebooks make collecting security data easy and help build real-time threat detection dashboards. You’ll even see how AI and machine learning can proactively predict cybersecurity incidents!
What's inside:
• Improve your alert system using the ATLAS framework
• Elevate your organization’s security posture
• Statistical and ML techniques for threat detection
• Executive buy-in and strategic investment
About the reader:
For readers familiar with the basics of cybersecurity and data analysis.
About the author:
Mariano Mattei is a professor at Temple University and an information security professional with over 30 years of experience in cybersecurity and AI innovation.
Table of Contents
Part 1 Building the foundation
1 Introducing cybersecurity metrics
2 Cybersecurity analytics toolkit
3 Implementing a security metrics program
4 Integrating metrics into business strategy
Part 2 The metrics that matter
5 Establishing the foundation
6 Foundations of cyber risk
7 Protecting your assets
8 Continuous threat detection
9 Incident management and recovery
Part 3 Beyond the basics: Advanced analytics, machine learning and AI
10 Advanced cybersecurity metrics
11 Advanced statistical analysis
12 Advanced machine learning analysis
13 Generative AI in cybersecurity metrics
