Drawing upon years of practical experience and using numerous examples and illustrative case studies, Threat Forecasting: Leveraging Big Data for Predictive Analysis discusses important topics, including the danger of using historic data as the basis for predicting future breaches, how to use security intelligence as a tool to develop threat forecasting techniques, and how to use threat data visualization techniques and threat simulation tools. Readers will gain valuable security insights into unstructured big data, along with tactics on how to use the data to their advantage to reduce risk.
- Presents case studies and actual data to demonstrate threat data visualization techniques and threat simulation tools
- Explores the usage of kill chain modelling to inform actionable security intelligence
- Demonstrates a methodology that can be used to create a full threat forecast analysis for enterprise networks of any size
Infosec and IT Professionals, security analysts, data analysts, chief privacy officers, risk officers.
- About The Authors
- Why Threat Forecasting is Relevant
- What You Will Learn and How You Will Benefit
- Book Organization and Structure
- Closing Thoughts
- 1: Navigating Today’s Threat Landscape
- Why Threat Forecasting
- Going Beyond Historical Threat Reporting
- The State of Regulatory Compliance
- Best Practices, Standards, and Frameworks
- Today’s Information Assurance Needs
- 2: Threat Forecasting
- 3: Security Intelligence
- 4: Identifying Knowledge Elements
- Defining Knowledge Elements
- Types of Knowledge Elements
- Publicly Defined Knowledge Elements
- 5: Knowledge Sharing and Community Support
- Sharing Knowledge Elements
- Community Sharing
- Commercial Offerings
- Staying Ahead of the Adversary
- 6: Data Visualization
- 7: Data Simulation
- 8: Kill Chain Modeling
- 9: Connecting the Dots
- Historical Threat Reporting
- State of the Security Industry
- Leveraging New and Existing Tools
- Real World Examples
- Applying Threat Forecasting Techniques
- 10: The Road Ahead
- John Pirc
- David DeSanto
- Iain Davison
- Will Gragido
- No. of pages:
- © Syngress 2016
- 17th May 2016
- eBook ISBN:
- Paperback ISBN:
John Pirc has more than 19 years of experience in Security R&D, worldwide security product management, marketing, testing, forensics, consulting, and critical infrastructure architecting and deployment. Additionally, John is an advisor to HP’s CISO on Cyber Security and lectured at the US Naval Post Graduate School.
John extensive expertise in the Security field stems from past work experience with the US Intelligence Community, as Chief Technology Officer at CSG LTD, Product Manager at Cisco, Product Line Executive for all security products at IBM Internet Security Systems, Director at McAfee's Network Defense Business Unit, Director of Product Management at HP Enterprise Security Products, Chief Technology Officer at NSS Labs, Co-Founder and Chief Strategy Officer at Bricata, LLC and most recently as Director of Security Solutions for Forsythe Technology.
In addition to a BBA from the University of Texas, John also holds the NSA-IAM and CEH certifications. He has been named security thought leader from SANS Institute and speaks at top tier security conferences worldwide and has been published in Time Magazine, Bloomberg, CNN and other tier 1 media outlets.
Director, Security Solutions, Forsythe Technology and Co-Founder & Advisor, Bricata, LLC
David DeSanto is a network security professional with over 15 years of security research, security testing, software development and product strategy experience. He is a strong technical leader with a firm understanding of TCP/IP, software development experience including automation frameworks and a deep knowledge in securing the enterprise network.
David is the Director, Products & Threat Research for Spirent Communications where he drives product strategy for all Application Security testing solutions. He also manages the security engineering team responsible for the research, development and validation of new security attacks (i.e., exploits, malware, DDoS attacks) as well as development of all engine components that support them. Prior to Spirent, David’s career has included roles at the industry’s top security research and testing labs where his expertise guided these organizations in creating industry-leading security tests and solutions for enterprises, services providers and network equipment vendors.
David holds a Master of Science in Cybersecurity from New York University School of Engineering and Bachelor of Science in Computer Science from Millersville University. He is a frequent speaker at major international conferences on topics including threat intelligence, cloud security, GNSS security issues and the impacts of SSL decryption on today’s next generation security products.
Director, Products & Threat Research, Spirent Communications, Inc.
Iain Davison has over 16 years of security experience with many skills ranging from penetration testing to creating and building intrusion prevention devices. This include knowledge of programming languages, scripting and compiling software. I his last position Iain performed network architecture, hardware design, software design and implementation.
He currently lives in Clinton, MD with his Laura and two kids Shaun age 6 and Emma age 1, he also has a dog and a cat. Iain enjoys creating home automation devices from raspberry pi kits along with home media and simple robotics.
Along with his experience in the cyber-security industry, Iain has also written a book with a few of colleagues on threat forecasting, it will be published in the second quarter of this year. The book discusses some techniques used to gather intelligence, the importance of all data not just the obvious. Looking at data from a different perspective, something other than the norm.
Now that he is on the Exabeam team, he may be willing to write yet another book based around UBA and all the things it can it can do in the enterprise.
Security Engineer, Exabeam
Will Gragido possesses over 21 years of information security experience. A former United States Marine, Mr. Gragido began his career in the data communications information security and intelligence communities. After USMC, Mr. Gragido worked within several information security consultancy roles performing and leading red teaming, penetration testing, incident response, security assessments, ethical hacking, malware analysis and risk management program development. Mr.Gragido has worked with a variety of industry leading research organizations including International Network Services, Internet Security Systems / IBM Internet Security Systems X-Force, Damballa, Cassandra Security, HP DVLabs, RSA NetWitness, and now Digital Shadows. Will has deep expertise and knowledge in operations, analysis, management, professional services & consultancy, pre-sales / architecture and strong desire to see the industry mature and enterprises & individuals become more secure. Will holds a CISSP and has accreditations with the National Security Agency's Information Security Assessment Methodology (IAM) and Information Security Evaluation Methodology (IEM). Mr.Gragido is a graduate of DePaul University and is currently in graduate school. An internationally sought after speaker, Will is the co-author of Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats and Blackhatonomics: An Inside Look At The Economics of Cybercrime.
Head of Digital Shadows Labs, Digital Shadows, Ltd.
"The authors have rooted this text in real-world implementations and approaches, but with enough of a grounding in the concepts that what you learn here will remain relevant as, inevitably, the nature of the threats we face, and of the kinds of threat forecasting that emerge to tackle them, continue to evolve." --Network Security
"If you’re looking for a book to give a solid overview of what threat forecasting can do for your organization, you don’t have to look further. It’s concise and coherent, provides great real-world examples, is short enough to read in one or two sittings, and provides good advice on getting colleagues and management to support the effort..." --Help Net Security, Threat Forecasting