Authors: Roger A. Grimes, Dr. John N. Just
Publisher: Wiley
Year: 2024
Pages: 450
Language: English
Format: pdf (true)
Size: 10.1 MB
Keep valuable data safe from even the most sophisticated social engineering and phishing attacks.
Fighting Phishing: Everything You Can Do To Fight Social Engineering and Phishing serves as the ideal defense against phishing for any reader, from large organizations to individuals. Unlike most anti-phishing books, which focus only on one or two strategies, this book discusses all the policies, education, and technical strategies that are essential to a complete phishing defense. This book gives clear instructions for deploying a great defense-in-depth strategy to defeat hackers and malware. Written by the lead data-driven defense evangelist at the world's number one anti-phishing company, KnowBe4, Inc., this guide shows you how to create an enduring, integrated cybersecurity culture.
Learn what social engineering and phishing are, why they are so dangerous to your cybersecurity, and how to defend against them
Educate yourself and other users on how to identify and avoid phishing scams, to stop attacks before they begin
Discover the latest tools and strategies for locking down data when phishing has taken place, and stop breaches from spreading
Develop technology and security policies that protect your organization against the most common types of social engineering and phishing
Chapter 1: “Introduction to Social Engineering and Phishing.” Chapter 1 discusses the data and facts around social engineering and phishing and why it is so important to defeat if you want to defeat hackers and malware. If you need to prove to management the importance of fighting social engineering and phishing in your organization, this chapter will help you deliver that argument.
Chapter 2: “Phishing Terminology and Examples.” Chapter 2 describes the dozens of definitions related to social engineering and phishing. There are many different types of social engineering and phishing, and understanding the differences will help you better understand the threat and how to best fight it. Different types of social engineering and phishing require different types of defenses. Many different examples of phishing attacks will be presented.
Chapter 3: “3x3 Cybersecurity Control Pillars.” All security defenses require a best risk-managed, defense-in-depth, combination of policies, technical defenses, and education to best fight cyber threats. Chapter 3 covers compliance, risk management, defense-in-depth, and the three defensive pillars all defenders must know and deploy to fight hackers and malware, not just against social engineering, but any cyber threat.
...
Chapter 16: “Miscellaneous Hints and Tricks.” Chapter 16 covers suggestions and hints that didn’t fit in other chapters, like strict anti-phishing policies, text-only emails, SAT counseling, and more.
Chapter 17: “Improving Your Security Culture.” The Holy Grail in the computer security defense community is to create a lasting culture of pervasive cybersecurity in the organization so that everyone practices excellent cyber hygiene resulting in a significant reduction in organizational cybersecurity risk. Chapter 17 will define the components of a security culture and discuss how you can get your organization there.
Who This Book Is For:
This book is for anyone interested in fighting social engineering and phishing attacks—from entire organizations to single individuals, from dedicated anti-phishing employees to IT managers, and for any IT security practitioner. Because the book contains large, distinct, sections dedicated to policy and formal security awareness training programs, it can be argued that it is more appropriately focused on organizations, ranging in size from small businesses to the Fortune 500. But individuals and organizations of any size will benefit from learning the recommendations and best practices contained in this book. Many of the lessons in this book should be shared with friends and family, and many of them are universal. This is the book I wish I read when I first got into the industry.