Part 2

 

Part 2 of this book deals with the flip side of part 1: how we can build out relevant, proportional, and sustainable defenses against the attacks and attackers we met in part 1.

Each chapter looks at important elements that contribute to a successful cybersecurity operations capability. Chapter 8 dives into a commonly misunderstood but important area of cybersecurity: risk management. Chapter 9 then shows how to test your own systems and discover vulnerabilities, covering penetration testing, bug bounty programs, and dedicated hacking teams. Chapter 10 builds on chapters 8 and 9 by describing how security operations work, covering the key areas of monitoring, alerting, and incident response.

Chapter 11 describes how to protect our most valuable asset—and our biggest danger—our people. Finally, chapter 12 wraps up the book by looking at what to do after the inevitable hack—how to recover, whom to get help from, and how to improve our defenses and responses for the next attack.