97 Things Every Information Security Professional Should Know: Collective Wisdom from the Experts

Whether you're searching for new or additional opportunities, information security can be vast and overwhelming. In this practical guide, author Christina Morillo introduces technical knowledge from a diverse range of experts in the infosec field. Through 97 concise and useful tips, you'll learn how to expand your skills and solve common issues by working through everyday security problems.

You'll also receive valuable guidance from professionals on how to navigate your career within this industry. How do you get buy-in from the C-suite for your security program? How do you establish an incident and disaster response plan? This practical book takes you through actionable advice on a wide variety of infosec topics, including thought-provoking questions that drive the direction of the field.

  • Continuously Learn to Protect Tomorrow's Technology - Alyssa Columbus
  • Fight in Cyber Like the Military Fights in the Physical - Andrew Harris
  • Keep People at the Center of Your Work - Camille Stewart
  • Infosec Professionals Need to Know Operational Resilience - Ann Johnson
  • Taking Control of Your Own Journey - Antoine Middleton
  • Security, Privacy, and Messy Data Webs: Taking Back Control in Third-Party Environments - Ben Brook
  • Every Information Security Problem Boils Down to One Thing - Ben Smith
  • Focus on the WHAT and the Why First, Not the Tool - Christina Morillo
by Christina Morillo

eBook

$42.99 


Product Details

ISBN-13: 9781098101350
Publisher: O'Reilly Media, Incorporated
Publication date: 09/14/2021
Sold by: Barnes & Noble
Format: eBook
Pages: 266
File size: 28 MB

About the Author

Christina Morillo is an information security/cybersecurity and technology leader with expertise in enterprise security engineering, identity and access, and cloud. Her extensive experience in enterprise security and identity, insider threat, and cloud identity programs and deployments has taken her to companies like Morgan Stanley, Fitch Ratings, AllianceBernstein, and Microsoft.

Christina advocates for and is passionate about meeting people and companies where they are. She is also a proponent of making security practical, accessible and easy to digest (sometimes with the help of basketball analogies).

In addition to her professional work, Christina co-leads Women in Security and Privacy's NYC Chapter and volunteers with multiple organizations aligned with her mission of getting more women and underestimated folks into tech. In 2015, she also co-founded #WOCinTech Chat, the grassroots initiative best known for boosting visual representation through the open-source collection of stock photos featuring women of color technologists. With over 100 million views and counting, the images have been used across countless mediums and have inspired other collections in the process.

Table of Contents

Preface

1 Continuously Learn to Protect Tomorrow's Technology - Alyssa Columbus

2 Fight in Cyber like the Military Fights in the Physical - Andrew Harris

3 Three Major Planes - Andrew Harris

4 InfoSec Professionals Need to Know Operational Resilience - Ann Johnson

5 Taking Control of Your Own Journey - Antoine Middleton

6 Security, Privacy, and Messy Data Webs: Taking Back Control in Third-Party Environments - Ben Brook

7 Every Information Security Problem Boils Down to One Thing - Ben Smith

8 And in This Corner, It's Security Versus the Business! - Ben Smith

9 Don't Overlook Prior Art from Other Industries - Ben Smith

10 Powerful Metrics Always Lose to Poor Communication - Ben Smith

11 "No" May Not Be a Strategic Word - Brian Gibbs

12 Keep People at the Center of Your Work - Camille Stewart

13 Take a Beat: Thinking Like a Firefighter for Better Incident Response - Catherine J. Ullman

14 A Diverse Path to Better Security Professionals - Catherine J. Ullman

15 It's Not About the Tools - Chase Pettet

16 Four Things to Know About Cybersecurity - Chloé Messdaghi

17 Vetting Resources and Having Patience when Learning Information Security Topics - Christina Lang

18 Focus on the What and the Why First, Not the Tool - Christina Morillo

19 Insiders Don't Care for Controls - Damian Finol

20 Identity and Access Management: The Experience - Dane Bamburry

21 Lessons from Cross-Training in Law - Danny Moules

22 Ransomware - David McKenzie

23 The Key to Success in Your Cloud Journey Begins with the Shared Responsibility Model - Dominique West

24 Why InfoSec Practitioners Need to Know About Agile and DevOps - Fernando Ike

25 The Business Is Always Right - Frank McGovern

26 Why Choose Linux as Your Secure Operating System? - Gleydson Mazioli da Silva

27 New World, New Rules, Same Principles - Guillaume Blaquiere

28 Data Protection: Impact on Software Development - Guy Lépine

29 An Introduction to Security in the Cloud - Gwyneth Peña-Siguenza

30 Knowing Normal - Gyle dela Cruz

31 All Signs Point to a Schism in Cybersecurity - Ian Barwise

32 DevSecOps Is Evolving to Drive a Risk-Based Digital Transformation - Idan Plotnik

33 Availability Is a Security Concern Too - Jam Leomi

34 Security Is People - James Bore

35 Penetration Testing: Why Can't It Be Like the Movies? - Jasmine M. Jackson

36 How Many Ingredients Does It Take to Make an Information Security Professional? - Jasmine M. Jackson

37 Understanding Open Source Licensing and Security - Jeff Luszcz

38 Planning for Incident Response Customer Notifications - JR Aquino

39 Managing Security Alert Fatigue - Julie Agnes Sparks

40 Take Advantage of NIST's Resources - Karen Scarfone

41 Apply Agile SDLC Methodology to Your Career - Keirsten Brager

42 Failing Spectacularly - Kelly Shortridge

43 The Solid Impact of Soft Skills - Kim Z. Dale

44 What Is Good Cyber Hygiene Within Information Security? - Lauren Zink

45 Phishing - Lauren Zink

46 Building a New Security Program - Lauren Zink

47 Using Isolation Zones to Increase Cloud Security - Lee Atchison

48 If It's Remembered for You, Forensics Can Uncover It - Lodrina Cherne

49 Certifications Considered Harmful - Louis Nyffenegger

50 Security Considerations for IoT Device Management - Mansi Thakar

51 Lessons Learned: Cybersecurity Road Trip - Mansi Thakar

52 Finding Your Voice - Maresa Vermulst

53 Best Practices with Vulnerability Management - Mari Galloway

54 Social Engineering - Marina Ciavatta

55 Stalkerware: When Malware and Domestic Abuse Coincide - Martijn Grooten

56 Understanding and Exploring Risk - Dr. Meg Layton

57 The Psychology of Incident Response - Melanie Ensign

58 Priorities and Ethics/Morality - Michael Weber

59 DevSecOps: Continuous Security Has Come to Stay - Michelle Ribeiro

60 Cloud Security: A 5,000 Mile View from the Top - Michelle Taggart

61 Balancing the Risk and Productivity of Browser Extensions - Mike Mackintosh

62 Technical Project Ideas Towards Learning Web Application Security - Ming Chow

63 Monitoring: You Can't Defend Against What You Don't See - Mitch B. Parker

64 Documentation Matters - Najla Lindsay

65 The Dirty Truth Behind Breaking into Cybersecurity - Naomi Buckwalter

66 Cloud Security - Nathan Chung

67 Empathy and Change - Nick Gordon

68 Information Security Ever After - Nicole Dorsett

69 Don't Check It In! - Patrick Schiess

70 Threat Modeling for SIEM Alerts - Phil Swaim

71 Security Incident Response and Career Longevity - Priscilla Li

72 Incident Management - Quiessence Phillips

73 Structure over Chaos - Rob Newby

74 CWE Top 25 Most Dangerous Software Weaknesses - Rushi Purohit

75 Threat Hunting Based on Machine Learning - Saju Thomas Paul Harshvardhan Parmar

76 Get In Where You Fit In - Sallie Newton

77 Look Inside and See What Can Be - Sam Denard

78 DevOps for InfoSec Professionals - Sasha Rosenbaum

79 Get Familiar with R&R (Risk and Resilience) - Shinesa Cambric

80 Password Management - Siggi Bjarnason

81 Let's Go Phishing - Siggi Bjarnason

82 Vulnerability Management - Siggi Bjarnason

83 Reduce Insider Risk Through Employee Empowerment - Stacey Champagne

84 Fitting Certifications into Your Career Path - Steven Becker

85 Phishing Reporting Is the Best Detection - Steven Becker

86 Know Your Data - Steve Taylor

87 Don't Let the Cybersecurity Talent Shortage Leave Your Firm Vulnerable - Tim Maliyil

88 Comfortable Versus Confident - Tkay Rice

89 Some Thoughts on PKI - Tarah Wheeler

90 What Is a Security Champion? - Travis F. Felder

91 Risk Management in Information Security - Trevor Bryant

92 Risk, 2FA, MFA, It's All Just Authentication! Isn't It? - Unique Glover

93 Things I Wish I Knew Before Getting into Cybersecurity - Valentina Palacin

94 Research Is Not Just for Paper Writing - Vanessa Redman

95 The Security Practitioner - Wayne A. Howell Jr.

96 Threat Intelligence in Two Steps - Xena Olsen

97 Maintaining Compliance and Information Security with Blue Team Assistance - Yasmin Schlegel

Contributors

Index

About the Editor
