In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.

(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex study guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

Zero day: a software bug that allows a hacker to break into your devices and move around undetected. One of the most coveted tools in a spy's arsenal, a zero day has the power to silently spy on your iPhone, dismantle the safety controls at a chemical plant, alter an election and shut down the electric grid (just ask Ukraine). For decades, under cover of classification levels and non-disclosure agreements, the United States government became the world’s dominant hoarder of zero days.

It’s a signal paradox of our times that we live in an information society but do not know how it works. And without understanding how our information is stored, used, and protected, we are vulnerable to having it exploited. In Fancy Bear Goes Phishing, Scott J. Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.

Meet the Lazarus Group, a shadowy cabal of hackers accused of working on behalf of the North Korean state. It's claimed that they form one of the most dangerous criminal enterprises on the planet, having stolen more than $1bn in an international crime spree. Their targets allegedly include central banks, Hollywood film studios and even the British National Health Service. North Korea denies the allegations, saying the accusations are American attempts to tarnish its image.

The Battle of Serenity Valley was the turning point that led the Independents to their defeat at the hands of the Alliance. Yet the Browncoats had held the valley for weeks against all odds, before being ordered to lay down their arms. Command stated they refused to send in airpower because the ground war was "too hot". But the soldiers who were there insist that was not true.... While picking up a new cargo on Persephone, Captain Malcolm Reynolds is kidnapped by a bunch of embittered veteran Browncoats who suspect him of sabotaging the Independents during the war.

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don't have the budget for an information security (InfoSec) program. If you're forced to protect yourself by improvising on the job, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Laurent Richard and Sandrine Rigaud's Pegasus: How a Spy in Our Pocket Threatens the End of Privacy, Dignity, and Democracy is the story of the one of the most sophisticated and invasive surveillance weapons ever created, used by governments around the world.

Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles.

Beginning in 2018, a powerful app for secure communications, called Anom, began to take root among drug dealers and other criminals. It had extraordinary safeguards to keep out prying eyes--the power to quickly wipe data, voice-masking technology, and more. It was better than other apps popular among organized crime syndicates, except for one thing: it was secretly run by law enforcement. Over the next few years, the FBI, along with law enforcement partners in Australia and parts of Europe, got a front row seat to the global criminal underworld.

In How to Measure Anything in Cybersecurity Risk, Second Edition, a pioneering information security professional and a leader in quantitative analysis methods deliver yet another eye-opening text applying the quantitative language of risk analysis to cybersecurity. In the book, the authors demonstrate how to quantify uncertainty and shed light on how to measure seemingly intangible goals. It's a practical guide to improving risk assessment with a straightforward and simple framework.

In The Art of Attack: Attacker Mindset for Security Professionals, Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.

Cybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.

(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex study guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

It's time to address the elephant in the room: overlooked cybersecurity weak points. This guide not only identifies these vulnerabilities but also arms you with the tools and tactics to fortify your digital defenses effectively. Did you know that over 60% of businesses have experienced a cybersecurity incident in the past year? In a world where digital threats are escalating, understanding and mastering penetration testing is no longer a choice but a necessity.

Companies that can use technology wisely and well are booming, companies that make bad or no technology choices collapse and disappear. The cloud, smart devices and the ability to connect almost any object to the internet are an essential landscape to use but are also fraught with new risks and dangers of a magnitude never seen before. Also featuring an alphabetical section at the back of the book to help you translate many of the main cybersecurity technical terms into plain, non-technical English.

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies—and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable.

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations.

The Cybersecurity Playbook is the step-by-step guide to protecting your organization from unknown threats and integrating good security habits into everyday business situations. This audiobook provides clear guidance on how to identify weaknesses, assess possible threats, and implement effective policies. Recognizing that an organization's security is only as strong as its weakest link, this audiobook offers specific strategies for employees at every level.

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, chief security officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT security director. Listeners will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach.

The virus now known as Stuxnet was unlike any other piece of malware built before: Rather than simply hijacking targeted computers or stealing information from them, it proved that a piece of code could escape the digital realm and wreak actual, physical destruction—in this case, on an Iranian nuclear facility.

It’s a signal paradox of our times that we live in an information society but do not know how it works. And without understanding how our information is stored, used, and protected, we are vulnerable to having it exploited. In Fancy Bear Goes Phishing, Scott J. Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.

Scattered across the world, an elite team of code crackers is working tirelessly to thwart the defining cyber scourge of our time. You’ve probably never heard of them. But if you work for a school, a business, a hospital, or a municipal government, or simply cherish your digital data, you may be painfully familiar with the team’s sworn enemy: ransomware. Again and again, an unlikely band of misfits, mostly self-taught and often struggling to make ends meet, have outwitted the underworld of hackers who lock computer networks and demand huge payments in return for the keys.