50% Off The Criterion Collection Shop Now
Practical Cloud Security: A Cross-Industry View / Edition 1

Practical Cloud Security: A Cross-Industry View / Edition 1

Practical Cloud Security: A Cross-Industry View / Edition 1
Add to Wishlist
ISBN-10:
1498729436
ISBN-13:
9781498729437
Pub. Date:
08/02/2016
Publisher:
Taylor & Francis
ISBN-10:
1498729436
ISBN-13:
9781498729437
Pub. Date:
08/02/2016
Publisher:
Taylor & Francis
Practical Cloud Security: A Cross-Industry View / Edition 1

Practical Cloud Security: A Cross-Industry View / Edition 1

Overview

Melvin Greer and Kevin Jackson have assembled a comprehensive guide to industry-specific cybersecurity threats and provide a detailed risk management framework required to mitigate business risk associated with the adoption of cloud computing. This book can serve multiple purposes, not the least of which is documenting the breadth and severity of the challenges that today’s enterprises face, and the breadth of programmatic elements required to address these challenges. This has become a boardroom issue: Executives must not only exploit the potential of information technologies, but manage their potential risks.

Key Features

  • • Provides a cross-industry view of contemporary cloud computing security challenges, solutions, and lessons learned

    • Offers clear guidance for the development and execution of industry-specific cloud computing business and cybersecurity strategies

    • Provides insight into the interaction and cross-dependencies between industry business models and industry-specific cloud computing security requirements

    • Product Details

    ISBN-13: 9781498729437
    Publisher: Taylor & Francis
    Publication date: 08/02/2016
    Pages: 260
    Product dimensions: 6.20(w) x 9.30(h) x 0.80(d)

    About the Author

    Melvin B. Greer Jr., is Managing Director of the Greer Institute for Leadership and Innovation, focused on research and development. Melvin uses his knowledge in graph analytics, machine learning and cognitive computing to accelerate transformation of data into a strategic asset for federal agencies and global enterprises. His systems and software engineering experience has resulted in patented inventions in cloud computing, synthetic biology and IoT bio-sensors for edge analytics. Greer is a member of the American Association for the Advancement of Science (AAAS) and US National Academy of Science, Engineering and Medicine.

    Kevin L. Jackson is a globally recognized cloud computing expert, independent thought leader with IBM and Dell, founder and author of award-winning "Cloud Musings" blog and US Black Engineer & Information Technology Magazine Cybervisionary. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post Top 100 Cloud Computing Experts on Twitter (2013), a "Top 50 Cloud Computing Blogger for IT Integrators" by CRN (2015) and a "Top 5 Must Read Cloud Blog" by BMC Software (2015). He is also a Fellow of the National Cyber Security Institute.

    Table of Contents

    Foreword xi

    Extended Multimedia Content xvii

    Introduction xix

    Chapter 1 Cloud User Perceptions 1

    Chapter 2 Economics of Cloud Computing 3

    Chapter 3 Process and Sources 17

    Chapter 4 Industry-Specific Findings 19

    4.1 Official Titles 19

    4.2 Highest Level of Education 20

    4.3 Industry Representation 21

    4.4 Organizational Reporting 21

    4.5 Ability to Enforce Compliance 24

    4.6 Method that Best Prepares Someone to Become a CISO 25

    4.7 Cyberattacks: A Major Threat to Industry 26

    4.8 Top Five It/Cybersecurity Priorities in the Next 12 Months 27

    4.9 Which Security Standards/Frameworks are Most Effective? 28

    4.10 Workforce and Talent 29

    Chapter 5 Cloud Computing 31

    5.1 Rise of the Internet 32

    5.2 The Transformation 32

    5.3 Key Characteristics of Cloud Computing 32

    5.4 Cloud Computing Deployment Models 34

    5.4.1 Public Cloud 34

    5.4.2 Benefits of Public Clouds 35

    5.4.3 Private Cloud 36

    5.4.4 Benefits of Private Clouds 37

    5.4.5 Hybrid Cloud 37

    5.4.6 Benefits of Hybrid Clouds 37

    5.4.7 Community Cloud 38

    5.5 Cloud Computing Service Models 38

    5.6 General Cloud Computing Benefits 40

    5.7 Cloud Use Cases 42

    5.8 Cloud Computing Technologies 46

    5.8.1 Commodity Hardware 46

    5.8.2 Network Speed 47

    5.8.3 Pervasive High-Quality Access 47

    5.8.4 Data Storage Architectures 48

    5.8.5 Data Centers 50

    5.8.6 Visualization 51

    5.8.7 Hypervisor 52

    5.8.8 Hardware Virtualization Types 53

    5.8.9 Desktop Virtualization 53

    5.8.10 Software Virtualization 54

    5.8.11 Memory Virtualization 55

    5.8.12 Storage Virtualization 55

    5.8.13 Data Virtualization 55

    5.8.14 Network Virtualization 56

    5.8.15 Emerging Cloud Technologies 56

    5.9 Cloud Adoption Trends 57

    5.9.1 Data Sent to High-Risk Cloud Services 60

    Chapter 6 Cybersecurity 63

    6.1 Introduction 63

    6.2 Managing Risk in the Cloud 66

    6.2.1 The Risk Management Framework 68

    6.2.2 Cloud Providers Risk Management Process 72

    6.2.3 Cloud Consumers Risk Management Process 73

    6.3 Cybercrime 80

    6.3.1 The Hype 80

    6.3.2 The Facts 81

    6.3.3 Cyberattack Vectors 82

    6.3.4 Occurrence of Cyberattacks 83

    6.3.5 Cost of Successful Cyberattacks 84

    6.4 Education and Training 84

    6.5 Trends 85

    6.6 Global 86

    Chapter 7 Cloud Computing Vulnerabilities 89

    7.1 Organizational Reporting 99

    7.1.1 IT/Cybersecurity Executive Title 99

    7.2 Organizational Budget Management 99

    7.3 Operational Planning 101

    7.3.1 Key Required Resources 101

    7.3.2 Key Future Initiatives 101

    7.3.3 Quality of Network IT/Cybersecurity 102

    7.3.4 Number of Security Breaches Experienced in the Past 2 Years 103

    7.3.5 Most Recent IT/Cybersecurity Risk Assessment 104

    7.3.6 Source for Comparative IT/Cybersecurity Metrics 104

    7.3.7 Security Standards/Frameworks Used 105

    7.3.8 New Technology Strategy Posture 106

    7.3.9 Cybersecurity Staffing Source 106

    7.3.10 Cyber Defense Priorities 107

    7.4 Threat Expectations 108

    7.4.1 Type of Attack 108

    7.4.2 Type of Attackers 108

    7.4.3 Application Security Risks 109

    7.5 Cybersecurity Operations 111

    7.5.1 Number of Security Positions 111

    7.5.2 Key CISO Activities 112

    Chapter 8 General Cybersecurity Threat by Industry 117

    8.1 Energy/Utilities 120

    8.1.1 Vertical View (AlertLogic_Energy Sector_Cloud Security Report.pdf) 120

    8.1.2 Energy-Specific Vulnerabilities 120

    8.2 Banking/Finance 122

    8.2.1 Vertical View 122

    8.2.2 General 122

    8.3 Healthcare 125

    8.3.1 Vertical View 125

    8.3.2 General 126

    8.3.3 Retail Pharmacies 126

    8.4 Information Technology Outsourcing 127

    8.4.1 General 127

    8.5 Education 128

    8.5.1 General 128

    8.6 Cybersecurity Consulting Service 128

    8.7 Government/Military 131

    8.7.1 US Federal Sector 131

    8.7.1.1 Federal 132

    8.7.1.2 Insider Threats 133

    8.7.1.3 Stolen Credentials 133

    8.7.1.4 The Need for Compliance 133

    8.7.1.5 Controlling Costs and Risk 133

    8.7.1.6 Civilian Agencies 134

    8.7.1.7 Defense 134

    8.7.1.8 Intelligence Community 135

    8.7.2 State and Local 136

    8.7.2.1 State Security Breach Disclosure Laws 136

    Chapter 9 Application Security by industry 139

    9.1 Policy Compliance 139

    9.2 Internally Versus Externally Developed Applications 140

    9.3 Application Flaw Density 140

    9.4 Application Remediation 141

    9.5 High-Profile Vulnerabilities 142

    Chapter 10 Cloud Computing and Cybersecurity Education Challenges 145

    10.1 Industry Vertical Knowledge 145

    10.1.1 Regulated Industries 145

    10.1.2 Unregulated Industries 146

    10.2 A Global Cybersecurity View 146

    10.3 Global Legal Framework Knowledge 147

    10.4 CISO Training, Education, and Certification 149

    10.5 Hybrid it Infrastructure Management 152

    10.6 Risk Management Frameworks 154

    10.7 Key Educational Topics: Critical Threats to Cloud Security 156

    10.8 Next Steps for Educating the Cybersecurity Workforce 159

    10.9 National Cybersecurity Workforce Framework 163

    10.10 United States Nice 163

    References 171

    Chapter 11 Next-Generation Business Models and Strategies 175

    11.1 Strategic Reinvention 175

    11.1.1 Customer Value Propositions 175

    11.1.2 Value Chains 176

    11.2 Better Decisions 176

    11.3 Deeper Collaboration 177

    Reference 177

    Appendix A Oncloud Training Security Offerings 179

    Appendix B Relevant Articles and Publications 181

    Appendix C Cloud Computing for the Business of Government 193

    Appendix D Implementation of Cloud Brokerage 197

    Appendix E The Web Services and Service-Oriented Architecture Revolution-Using Web Services to Deliver 203

    Appendix F Software as a Service Inflection Point-Using Cloud Computing to Achieve Business Agility 207

    Appendix G Fitara and FedRAMP-Accelerating Federal Cloud Adoption 213

    Index 221

    From the B&N Reads Blog
    Page 1 of

    Related Subjects

    Computers
    Networking & Telecommunications
    Security - Computer Networks
    Computers
    Networking & Telecommunications
    Security - Computer Networks

    Customer Reviews