Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to Soc and Tic Strategy
McLaughlin, Kevin Lynn
商品描述
Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to SOC and TIC Strategy by Dr. Kevin Lynn McLaughlin is a must-have resource for anyone involved in the establishment and operation of a Cybersecurity Operations and Fusion Center (SOFC). Think of a combination cybersecurity SOC and cybersecurity Threat Intelligence Center (TIC). In this book, Dr. McLaughlin, who is a well-respected cybersecurity expert, provides a comprehensive guide to the critical importance of having an SOFC and the various options available to organizations to either build one from scratch or purchase a ready-made solution. The author takes the reader through the crucial steps of designing an SOFC model, offering expert advice on selecting the right partner, allocating resources, and building a strong and effective team. The book also provides an in-depth exploration of the design and implementation of the SOFC infrastructure and toolset, including the use of virtual tools, the physical security of the SOFC, and the impact of COVID-19 on remote workforce operations. A bit of gamification is described in the book as a way to motivate and maintain teams of high-performing and well-trained cybersecurity professionals.
The day-to-day operations of an SOFC are also thoroughly examined, including the monitoring and detection process, security operations (SecOps), and incident response and remediation. The book highlights the significance of effective reporting in driving improvements in an organization's security posture.
With its comprehensive analysis of all aspects of the SOFC, from team building to incident response, this book is an invaluable resource for anyone looking to establish and operate a successful SOFC. Whether you are a security analyst, senior analyst, or executive, this book will provide you with the necessary insights and strategies to ensure maximum performance and long-term success for your SOFC. By having this book as your guide, you can rest assured that you have the knowledge and skills necessary to protect an organization's data, assets, and operations.
商品描述(中文翻譯)
《Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to SOC and TIC Strategy》是由Kevin Lynn McLaughlin博士撰寫的一本必備資源,適合所有參與建立和運營Cybersecurity Operations and Fusion Center(SOFC)的人使用。這本書將Cybersecurity SOC和Cybersecurity Threat Intelligence Center(TIC)結合在一起。在這本書中,McLaughlin博士作為一位備受尊敬的資安專家,提供了一個全面指南,闡述了擁有SOFC的重要性以及組織可以從頭開始建立或購買現成解決方案的各種選擇。作者引導讀者通過關鍵步驟,設計SOFC模型,並提供專家建議,包括選擇合適的合作夥伴,分配資源以及建立強大而有效的團隊。該書還深入探討了SOFC基礎設施和工具集的設計和實施,包括虛擬工具的使用,SOFC的物理安全以及COVID-19對遠程工作人員運營的影響。書中還描述了一種遊戲化的方法,用於激勵和維持高效且經過良好培訓的資安專業人員團隊。
書中還詳細探討了SOFC的日常運營,包括監控和檢測過程,安全運營(SecOps)以及事件響應和修復。該書強調了有效報告在推動組織安全姿態改進方面的重要性。
這本書全面分析了SOFC的各個方面,從團隊建設到事件響應,對於希望建立和運營成功的SOFC的任何人來說,這是一個寶貴的資源。無論您是安全分析師、高級分析師還是高管,這本書都將為您提供必要的見解和策略,以確保SOFC的最大性能和長期成功。通過這本書作為您的指南,您可以放心地擁有保護組織的數據、資產和運營所需的知識和技能。
作者簡介
Dr. Kevin Lynn McLaughlin, PhD, CISO, CISM, CISSP, PMP, ITIL Master, LSSBB, GIAC-GSLC, CRISC, is a highly accomplished cybersecurity expert with a diverse background in law enforcement, corporate security, and cybersecurity. He proudly served in the U.S. Army and was a U.S. Special Agent before making a significant impact in the world of corporate security. With over 39 years of experience in the field, Dr. McLaughlin has demonstrated his expertise in creating and leading three Global Cybersecurity Programs for Fortune 300 companies, establishing Global Security Operations Centers, and designing and implementing a Global Cybersecurity Architecture. He is a veteran in global cyber investigations, having led over 800 investigations, and is a skilled executive manager who has led Global Cyber and Corporate Security teams. Kevin is a highly sought after speaker, having spoken at RSA, and has advised Board of Directors on various cybersecurity topics. He is also an expert in executive protection and securing critical manufacturing, manufacturing, consumer goods, and healthcare environments.
作者簡介(中文翻譯)
Dr. Kevin Lynn McLaughlin博士,PhD,CISO,CISM,CISSP,PMP,ITIL Master,LSSBB,GIAC-GSLC,CRISC,是一位在執法、企業安全和網絡安全領域擁有豐富經驗的資深網絡安全專家。他曾自豪地在美國陸軍服役,並擔任過美國特工,然後在企業安全領域取得了重大成就。在這個領域擁有超過39年的經驗,McLaughlin博士展示了他在為財富300強企業創建和領導三個全球網絡安全計劃、建立全球安全運營中心以及設計和實施全球網絡安全架構方面的專業知識。他是全球網絡安全調查的老手,領導過800多起調查案件,並且是一位熟練的執行管理者,領導過全球網絡安全和企業安全團隊。Kevin是一位備受追捧的演講者,曾在RSA大會上發表演講,並就各種網絡安全議題向董事會提供過建議。他還是執行級保護和確保關鍵製造、製造、消費品和醫療環境安全的專家。
