The Cybersecurity Trinity: Artificial Intelligence, Automation, and Active Cyber Defense - Softcover

Wendt, Donnie W.

 
9798868809460: The Cybersecurity Trinity: Artificial Intelligence, Automation, and Active Cyber Defense
Softcover
ISBN 13: 9798868809460
Verlag: Apress, 2024

Inhaltsangabe

This book explores three crucial topics for cybersecurity professionals: artificial intelligence (AI), automation, and active cyber defense (ACD). The Cybersecurity Trinity will provide cybersecurity professionals with the necessary background to improve their defenses by harnessing the combined power of these three concepts. The book is divided into four sections, one addressing each underlying concept and the final section discussing integrating them to harness their full potential.

With the expected growth of AI and machine learning (ML), cybersecurity professionals must understand its core concepts to defend AI and ML-based systems. Also, most cybersecurity tools now incorporate AI and ML. However, many cybersecurity professionals lack a fundamental understanding of AI and ML. The book's first section aims to demystify AI and ML for cybersecurity practitioners by exploring how AI and ML systems work, where they are vulnerable, and how to defend them.

Next, we turn our attention to security automation. Human-centered cyber defense processes cannot keep pace with the threats targeting organizations. Security automation can help defenders drastically increase the speed of detection and response. This section will discuss core use cases that security teams can implement, including intelligence processing, incident triage, detection, and response. This section will end with strategies for a successful security automation implementation and strategies that can lead to failure.

Accelerating the defense is but one side of the equation. Defenders can also implement ACD methods to disrupt and slow the attacker. Of course, ACD spans a broad spectrum, including some that could raise legal and ethical concerns. This section will explore some ACD methods and discuss their applicability, as well as the need to include business, legal, and ethical considerations when implementing them.

Security teams often treat AI, automation, and ACD as disparate solutions, addressing specific problems. However, there is much overlap, and security teams must develop a cohesive approach to realize the full potential. The last section combines these three concepts to form a comprehensive strategy. The resulting strategy will have AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

 

What You Will Learn:

  • Understand the many uses of AI and ML and the concepts underpinning these technologies.
  • Learn how to protect AI and ML systems by recognizing the vulnerabilities throughout their lifecycle.
  • Integrate AI and ML-based systems to enhance cybersecurity.
  • Develop security automation processes to enhance situation awareness, speed the time to respond, and increase the bandwidth of the limited security operations staff.
  • Develop an ACD strategy to slow the attackers while minimizing legal and ethical concerns.
  • Design a comprehensive strategy with AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

 

Who This Book is for:

The primary audience is cybersecurity professionals looking to improve their organization's security posture by leveraging AI and ML-based security tools and combining them into a comprehensive strategy incorporating automation and ACD. This target audience will have a cybersecurity background and an interest in AI and ML.

Higher education would be a secondary audience.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.

Über die Autorin bzw. den Autor

Donnie Wendt is a distinguished cybersecurity professional with extensive expertise in researching security threats and pioneering innovative solutions. He has broad practical experience implementing numerous cybersecurity solutions and is an accomplished presenter on securing machine learning, generative AI, security automation, and deception. In addition to his professional experience, Donnie is an adjunct professor of cybersecurity at Utica University. He earned a Doctorate in Computer Science from Colorado Technical University and a Master's in Cybersecurity from Utica University. After over 30 years in information technology, Donnie wants to share his knowledge with others.

The initial concept for the book arose from Donnie's doctoral dissertation, where he researched using security automation and deception to address both sides of the cyber defense equation. Over the past several years, AI has come to the forefront and is now used in many products, including cybersecurity solutions. Donnie realized that AI-powered solutions could provide the foundation to enhance his prior research. However, despite the prevalence of AI, many cybersecurity professionals do not understand its core concepts. Therefore, Donnie began his quest to educate colleagues on AI's power and associated risks.

Von der hinteren Coverseite

This book explores three crucial topics for cybersecurity professionals: artificial intelligence (AI), automation, and active cyber defense (ACD). The Cybersecurity Trinity will provide cybersecurity professionals with the necessary background to improve their defenses by harnessing the combined power of these three concepts. The book is divided into four sections, one addressing each underlying concept and the final section discussing integrating them to harness their full potential.

With the expected growth of AI and machine learning (ML), cybersecurity professionals must understand its core concepts to defend AI and ML-based systems. Also, most cybersecurity tools now incorporate AI and ML. However, many cybersecurity professionals lack a fundamental understanding of AI and ML. The book's first section aims to demystify AI and ML for cybersecurity practitioners by exploring how AI and ML systems work, where they are vulnerable, and how to defend them.

Next, we turn our attention to security automation. Human-centered cyber defense processes cannot keep pace with the threats targeting organizations. Security automation can help defenders drastically increase the speed of detection and response. This section will discuss core use cases that security teams can implement, including intelligence processing, incident triage, detection, and response. This section will end with strategies for a successful security automation implementation and strategies that can lead to failure.

Accelerating the defense is but one side of the equation. Defenders can also implement ACD methods to disrupt and slow the attacker. Of course, ACD spans a broad spectrum, including some that could raise legal and ethical concerns. This section will explore some ACD methods and discuss their applicability, as well as the need to include business, legal, and ethical considerations when implementing them.

Security teams often treat AI, automation, and ACD as disparate solutions, addressing specific problems. However, there is much overlap, and security teams must develop a cohesive approach to realize the full potential. The last section combines these three concepts to form a comprehensive strategy. The resulting strategy will have AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

 

What You Will Learn:

  • Understand the many uses of AI and ML and the concepts underpinning these technologies.
  • Learn how to protect AI and ML systems by recognizing the vulnerabilities throughout their lifecycle.
  • Integrate AI and ML-based systems to enhance cybersecurity.
  • Develop security automation processes to enhance situation awareness, speed the time to respond, and increase the bandwidth of the limited security operations staff.
  • Develop an ACD strategy to slow the attackers while minimizing legal and ethical concerns.
  • Design a comprehensive strategy with AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.

Verlag
Apress
Erscheinungsdatum
2024
Sprache
Englisch
ISBN 13 
9798868809460
Einband
Taschenbuch
Auflage
1
Anzahl der Seiten
424
Kontakt zum Hersteller
ProductSafety@springernature.com
ProductSafety@springernature.com

Poststr. 9
Darmstadt
64293
Deutschland