
Enterprise Information Security-1


A conceptual Guide to:

Enterprise Information Security
2023

By Tommy Babel, Co-Founder & CEO


www.cyzea.io
Contents
Introduction .......... 7
Information Security .......... 9
Digital Transformation .......... 9
Cyber Security .......... 10
Cyber Security Awareness .......... 10
Crown Jewels .......... 11
Data Protection .......... 11
Private Information .......... 12
CIA Model .......... 13
Layers-of-defense .......... 13
Defense in-depth .......... 14
Assume Breach .......... 15
NIST .......... 17
NIST CSF .......... 17
NIST SP800-53 .......... 18
ISO/IEC 2700x .......... 19
ISMS .......... 20
ISO/IEC 27001 .......... 21
GRC .......... 23
Cyber Risks .......... 23
Risk Management .......... 24
Cyber Risk Assessment .......... 25
Information Security Controls .......... 26
NIST SP800-171 .......... 26
Controls Maturity .......... 28
CMMC .......... 29
TPRM .......... 31
Cloud transformation .......... 31
Outsourcing Security .......... 32
Vendor Lock .......... 33
Situational Awareness .......... 35
Attack Surface .......... 35
Cyber Threats .......... 36
Social Engineering .......... 37
Spear-Phishing .......... 37
BEC .......... 38
MALWARE .......... 38
Lateral Movement .......... 39
Privilege Escalation .......... 40
RCE .......... 40
APT .......... 41
NIST Threat Modeling .......... 41
MITRE .......... 42
MITRE T2 .......... 43
MITRE ATT&CK .......... 44
Red Team .......... 45
Blue Team .......... 46
Purple Team .......... 46
Penetration Testing .......... 47
Blackbox, Graybox, Whitebox .......... 48
Enterprise Network .......... 50
Enterprise Architecture .......... 50
Enterprise Security .......... 51
Perimeter Security .......... 52
DMZ .......... 52
Network CLASS .......... 53
The OSA model .......... 54
UDP vs TCP .......... 55
Network Security .......... 55
SSL Decryption .......... 56
DNS Security .......... 57
SPF/DMARC .......... 57
Anti-DDOS .......... 58
Firewall .......... 59
IDS / IPS .......... 59
NAC .......... 60
Network Segmentation .......... 60
Micro Segmentation .......... 61
Secure Remote Access .......... 62
MPLS .......... 62
VPN .......... 63
Site to Site VPN .......... 63
IPSEC .......... 64
MFA .......... 65
Zero-Trust Access .......... 65
SDN .......... 66
SD-WAN .......... 66
SDP .......... 67
Endpoint Security .......... 69
Secure Internet Access .......... 69
SWG .......... 70
SEG .......... 70
Sandboxing .......... 71
EDR .......... 72
Application Control .......... 72
Vulnerability Management .......... 73
Risk based Vulnerability Management .......... 73
Virtual Patching .......... 74
Identity and Access Governance (IAG) .......... 76
RBAC .......... 76
Least Privilege .......... 77
Application Accounts .......... 78
PAM .......... 79
Secure Active Directory .......... 79
Password Management Policy .......... 81
NIST SP800-63B .......... 81
IAM .......... 82
SOD .......... 83
SOX .......... 83
Service Organization Control .......... 84
Application Security .......... 86
SOA .......... 86
SOA alternatives .......... 87
Microservices .......... 88
Event driven Architecture .......... 88
S-SDLC .......... 89
Risk Assessment .......... 90
Threat Modeling .......... 90
OWASP TOP-10 .......... 91
SANS Top-25 .......... 92
Secure Code Analysis .......... 93
SAST .......... 93
DAST .......... 94
Change Management .......... 94
Secure Deployment .......... 95
Application Testing .......... 96
Sprint Coding .......... 96
QA security testing .......... 98
Product Security .......... 98
Secure Key and Secret Management .......... 99
Secure Data Handling .......... 100
Secure Code Repositories .......... 100
WAF .......... 101
API Gateway .......... 102
SBOM .......... 102
Data Protection .......... 105
Database Security .......... 105
Dynamic data masking and static data masking .......... 106
File System Security & Challenges .......... 107
UEBA .......... 108
DRM .......... 109
DLP .......... 109
Encryption in-Transit .......... 110
Encryption at-Rest .......... 111
Encryption Levels .......... 111
Strong Encryption Algorithms .......... 112
Symmetric and asymmetric encryption .......... 113
Information Classification & Labeling .......... 113
Data Governance .......... 114
GDPR .......... 115
CCPA .......... 115
EU-US Data Transfers .......... 116
Privacy Shield Framework .......... 117
Cloud Security .......... 119
Public, Hybrid, Private .......... 119
IAAS .......... 120
PAAS .......... 121
SAAS .......... 121
CAAS .......... 122
Secure Cloud Architecture .......... 122
HUB and Spoke .......... 123
Shared Responsibility model .......... 124
Cloud Security Risks .......... 124
Misconfiguration .......... 125
CASB .......... 126
CSPM .......... 126
CWPP .......... 127
CIAM .......... 128
Containers .......... 128
Kubernetes .......... 129
ServerLess .......... 131
Edge Computing .......... 132
SASE .......... 133
Incident Response .......... 136
SOC .......... 136
SIEM .......... 137
XDR .......... 137
SOC Operating Model .......... 138
Cyber Threat Intelligence .......... 139
CEM .......... 140
IR Maturity Model .......... 140
OT/ICS Security .......... 143
Industry 4.0 .......... 143
Industrial Digital Transformation .......... 144
Known Cyber Threat to ICS systems .......... 144
ICS Security Challenges .......... 145
Protecting ICS networks .......... 145
ICS Vocabulary .......... 146
IEC 62443 .......... 147
Business Continuity and Disaster Recovery .......... 149
3-2-1 Backup Policy .......... 149
RPO / RTO .......... 150
ISO22301 .......... 150
Introduction
In today's digital age, it is more important than ever for businesses to protect their sensitive
data and systems from potential threats and breaches. This book aims to provide a
comprehensive overview of the various aspects of enterprise information security, including
best practices, technologies, and strategies for safeguarding your organization's assets.

This book is designed to be a comprehensive and holistic resource that covers all aspects of
enterprise cybersecurity. We will cover the basics of network security and data protection, as
well as advanced topics such as incident response and threat intelligence. We will also discuss
the legal and regulatory requirements that organizations must follow in order to protect
against cyber threats, such as data privacy regulations and industry-specific standards.

You will learn about the different types of threats that businesses face in the digital world,
including cyber-attacks, data breaches, and malware. You will also learn about the various
technologies and tools that can be used to protect against these threats, including firewalls,
antivirus software, and intrusion detection systems.

In addition to discussing technical solutions, this book will also cover the importance of
implementing strong security policies and procedures, as well as training employees on proper
security practices. We will delve into the role of risk assessment and management in an
enterprise information security program and explore the challenges of managing security in a
constantly evolving landscape.

Whether you are a security professional or a business leader looking to better understand the
risks and challenges of protecting your organization's assets, this book will provide valuable
insights and practical guidance. Let's get started on building a secure and resilient enterprise
information security program.

CHAPTER 1
INTRODUCTION TO INFORMATION AND CYBER SECURITY

Information Security
Information security is the practice of protecting information and information systems from
unauthorized access, use, disclosure, disruption, modification, or destruction. It is a critical
aspect of modern computing, as information is often a valuable asset that needs to be
protected from various threats such as hackers, malware, and natural disasters.

To protect information, organizations and individuals use a variety of measures such as
security protocols, encryption, and access controls. These measures are designed to ensure
that only authorized users can access and use the information, and that the information
remains intact and unmodified.

Information security is important for a number of reasons. It helps to protect the
confidentiality of sensitive information, ensures the integrity of data, and helps to maintain
the availability of systems and resources. It is also important for protecting the privacy of
individuals and ensuring that organizations are compliant with various laws and regulations
related to data protection.

Digital Transformation
Digital transformation is the process of using digital technologies to fundamentally change the
way that an organization operates and delivers value to its customers. It involves the
integration of digital technologies, such as the internet, mobile devices, social media, and
cloud computing, into all areas of an organization to improve efficiency, increase productivity,
and create new business opportunities.

Digital transformation can take many forms and can involve the adoption of new technologies,
the creation of new business models, the redesign of processes and systems, and the
development of new skills and capabilities within the organization. It is often driven by the
need to stay competitive in a rapidly changing digital landscape and to meet the changing
needs and expectations of customers.

Digital transformation can have a profound impact on an organization, as it can fundamentally
change the way that it operates and engages with its customers. It can enable organizations
to improve customer experience, increase efficiency and productivity, and create new sources