
Author: Ravi Das
Publisher: CRC Press
Year: 2026
Pages: 200
Language: English
Format: pdf, epub (true)
Size: 14.4 MB
The world of Cybersecurity today is becoming increasingly complex. Many new Threat Variants are coming out, but many of them are just tweaked versions of some of the oldest ones, such as Phishing and Social Engineering. In today’s world, Threat Variants are becoming more complex, more covert, and stealthier. This makes it almost impossible to detect them in time, before the actual damage is done.
One such example is what is known as the Supply Chain Attack. What makes it different from the other Threat Variants is that through just one point of entry, the Cyberattacker can deploy a Malicious Payload and impact thousands of victims. This is what this book is about, and it covers the following:
Important Cybersecurity Concepts
An introduction to Supply Chain Attacks and their impact on the Critical Infrastructure in the United States
Examples of Supply Chain Attacks, most notably those of SolarWinds and CrowdStrike
Mitigation strategies that the CISO and their IT Security team can take to thwart Supply Chain Attacks
So far in this chapter, we have reviewed some of the major Threat Variants that exist in Cybersecurity, and we have provided an in-depth review of their history up to where they are now. Not surprisingly, over the course of time, the Threat Variants have not only gotten stealthier, but they are now also very difficult to detect. Because of this, it is very important to get into the actual mindset of the Cyberattacker and try to figure out how they plan and launch their Threat Variants. This is especially needed for Penetration Testing, Vulnerability Scanning, and Threat Hunting exercises. Even though the common denominator among all three of these is to find the weaknesses, gaps, and vulnerabilities in an IT/Network Infrastructure, there are subtle differences among them, which are reviewed in more detail in the next subsections of this chapter.
A penetration test, or “pen test,” is a security test that launches a mock cyberattack to find vulnerabilities in a computer system. Penetration testers are security professionals skilled in the art of ethical hacking, which is the use of hacking tools and techniques to fix security weaknesses rather than cause harm. Companies hire pen testers to launch simulated attacks against their apps, networks, and other assets. By staging fake attacks, pen testers help security teams uncover critical security vulnerabilities and improve the overall security posture. Penetration Testing is a very large field, and the exercises conducted within it are complex. They can be done on site, or virtually, from many thousands of miles away. They can also be fully automated, done manually, or be a hybrid of both.
Download The Effects of Cyber Supply Chain Attacks and Mitigation Strategies
