Practical Cloud Security: A Cross-Industry View / Edition 1 available in Hardcover
![Practical Cloud Security: A Cross-Industry View / Edition 1](http://img.images-bn.com/static/redesign/srcs/images/grey-box.png?v11.9.4)
Practical Cloud Security: A Cross-Industry View / Edition 1
- ISBN-10:
- 1498729436
- ISBN-13:
- 9781498729437
- Pub. Date:
- 08/02/2016
- Publisher:
- Taylor & Francis
- ISBN-10:
- 1498729436
- ISBN-13:
- 9781498729437
- Pub. Date:
- 08/02/2016
- Publisher:
- Taylor & Francis
![Practical Cloud Security: A Cross-Industry View / Edition 1](http://img.images-bn.com/static/redesign/srcs/images/grey-box.png?v11.9.4)
Practical Cloud Security: A Cross-Industry View / Edition 1
Hardcover
Buy New
$99.95Overview
Key Features
• Offers clear guidance for the development and execution of industry-specific cloud computing business and cybersecurity strategies
• Provides insight into the interaction and cross-dependencies between industry business models and industry-specific cloud computing security requirements
Product Details
ISBN-13: | 9781498729437 |
---|---|
Publisher: | Taylor & Francis |
Publication date: | 08/02/2016 |
Pages: | 260 |
Product dimensions: | 6.20(w) x 9.30(h) x 0.80(d) |
About the Author
Kevin L. Jackson is a globally recognized cloud computing expert, independent thought leader with IBM and Dell, founder and author of award-winning "Cloud Musings" blog and US Black Engineer & Information Technology Magazine Cybervisionary. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post Top 100 Cloud Computing Experts on Twitter (2013), a "Top 50 Cloud Computing Blogger for IT Integrators" by CRN (2015) and a "Top 5 Must Read Cloud Blog" by BMC Software (2015). He is also a Fellow of the National Cyber Security Institute.
Table of Contents
Foreword xi
Extended Multimedia Content xvii
Introduction xix
Chapter 1 Cloud User Perceptions 1
Chapter 2 Economics of Cloud Computing 3
Chapter 3 Process and Sources 17
Chapter 4 Industry-Specific Findings 19
4.1 Official Titles 19
4.2 Highest Level of Education 20
4.3 Industry Representation 21
4.4 Organizational Reporting 21
4.5 Ability to Enforce Compliance 24
4.6 Method that Best Prepares Someone to Become a CISO 25
4.7 Cyberattacks: A Major Threat to Industry 26
4.8 Top Five It/Cybersecurity Priorities in the Next 12 Months 27
4.9 Which Security Standards/Frameworks are Most Effective? 28
4.10 Workforce and Talent 29
Chapter 5 Cloud Computing 31
5.1 Rise of the Internet 32
5.2 The Transformation 32
5.3 Key Characteristics of Cloud Computing 32
5.4 Cloud Computing Deployment Models 34
5.4.1 Public Cloud 34
5.4.2 Benefits of Public Clouds 35
5.4.3 Private Cloud 36
5.4.4 Benefits of Private Clouds 37
5.4.5 Hybrid Cloud 37
5.4.6 Benefits of Hybrid Clouds 37
5.4.7 Community Cloud 38
5.5 Cloud Computing Service Models 38
5.6 General Cloud Computing Benefits 40
5.7 Cloud Use Cases 42
5.8 Cloud Computing Technologies 46
5.8.1 Commodity Hardware 46
5.8.2 Network Speed 47
5.8.3 Pervasive High-Quality Access 47
5.8.4 Data Storage Architectures 48
5.8.5 Data Centers 50
5.8.6 Visualization 51
5.8.7 Hypervisor 52
5.8.8 Hardware Virtualization Types 53
5.8.9 Desktop Virtualization 53
5.8.10 Software Virtualization 54
5.8.11 Memory Virtualization 55
5.8.12 Storage Virtualization 55
5.8.13 Data Virtualization 55
5.8.14 Network Virtualization 56
5.8.15 Emerging Cloud Technologies 56
5.9 Cloud Adoption Trends 57
5.9.1 Data Sent to High-Risk Cloud Services 60
Chapter 6 Cybersecurity 63
6.1 Introduction 63
6.2 Managing Risk in the Cloud 66
6.2.1 The Risk Management Framework 68
6.2.2 Cloud Providers Risk Management Process 72
6.2.3 Cloud Consumers Risk Management Process 73
6.3 Cybercrime 80
6.3.1 The Hype 80
6.3.2 The Facts 81
6.3.3 Cyberattack Vectors 82
6.3.4 Occurrence of Cyberattacks 83
6.3.5 Cost of Successful Cyberattacks 84
6.4 Education and Training 84
6.5 Trends 85
6.6 Global 86
Chapter 7 Cloud Computing Vulnerabilities 89
7.1 Organizational Reporting 99
7.1.1 IT/Cybersecurity Executive Title 99
7.2 Organizational Budget Management 99
7.3 Operational Planning 101
7.3.1 Key Required Resources 101
7.3.2 Key Future Initiatives 101
7.3.3 Quality of Network IT/Cybersecurity 102
7.3.4 Number of Security Breaches Experienced in the Past 2 Years 103
7.3.5 Most Recent IT/Cybersecurity Risk Assessment 104
7.3.6 Source for Comparative IT/Cybersecurity Metrics 104
7.3.7 Security Standards/Frameworks Used 105
7.3.8 New Technology Strategy Posture 106
7.3.9 Cybersecurity Staffing Source 106
7.3.10 Cyber Defense Priorities 107
7.4 Threat Expectations 108
7.4.1 Type of Attack 108
7.4.2 Type of Attackers 108
7.4.3 Application Security Risks 109
7.5 Cybersecurity Operations 111
7.5.1 Number of Security Positions 111
7.5.2 Key CISO Activities 112
Chapter 8 General Cybersecurity Threat by Industry 117
8.1 Energy/Utilities 120
8.1.1 Vertical View (AlertLogic_Energy Sector_Cloud Security Report.pdf) 120
8.1.2 Energy-Specific Vulnerabilities 120
8.2 Banking/Finance 122
8.2.1 Vertical View 122
8.2.2 General 122
8.3 Healthcare 125
8.3.1 Vertical View 125
8.3.2 General 126
8.3.3 Retail Pharmacies 126
8.4 Information Technology Outsourcing 127
8.4.1 General 127
8.5 Education 128
8.5.1 General 128
8.6 Cybersecurity Consulting Service 128
8.7 Government/Military 131
8.7.1 US Federal Sector 131
8.7.1.1 Federal 132
8.7.1.2 Insider Threats 133
8.7.1.3 Stolen Credentials 133
8.7.1.4 The Need for Compliance 133
8.7.1.5 Controlling Costs and Risk 133
8.7.1.6 Civilian Agencies 134
8.7.1.7 Defense 134
8.7.1.8 Intelligence Community 135
8.7.2 State and Local 136
8.7.2.1 State Security Breach Disclosure Laws 136
Chapter 9 Application Security by industry 139
9.1 Policy Compliance 139
9.2 Internally Versus Externally Developed Applications 140
9.3 Application Flaw Density 140
9.4 Application Remediation 141
9.5 High-Profile Vulnerabilities 142
Chapter 10 Cloud Computing and Cybersecurity Education Challenges 145
10.1 Industry Vertical Knowledge 145
10.1.1 Regulated Industries 145
10.1.2 Unregulated Industries 146
10.2 A Global Cybersecurity View 146
10.3 Global Legal Framework Knowledge 147
10.4 CISO Training, Education, and Certification 149
10.5 Hybrid it Infrastructure Management 152
10.6 Risk Management Frameworks 154
10.7 Key Educational Topics: Critical Threats to Cloud Security 156
10.8 Next Steps for Educating the Cybersecurity Workforce 159
10.9 National Cybersecurity Workforce Framework 163
10.10 United States Nice 163
References 171
Chapter 11 Next-Generation Business Models and Strategies 175
11.1 Strategic Reinvention 175
11.1.1 Customer Value Propositions 175
11.1.2 Value Chains 176
11.2 Better Decisions 176
11.3 Deeper Collaboration 177
Reference 177
Appendix A Oncloud Training Security Offerings 179
Appendix B Relevant Articles and Publications 181
Appendix C Cloud Computing for the Business of Government 193
Appendix D Implementation of Cloud Brokerage 197
Appendix E The Web Services and Service-Oriented Architecture Revolution-Using Web Services to Deliver 203
Appendix F Software as a Service Inflection Point-Using Cloud Computing to Achieve Business Agility 207
Appendix G Fitara and FedRAMP-Accelerating Federal Cloud Adoption 213
Index 221