This is the 2021 update of a complete guide to building your own in-house Cyber Threat Hunt capability. This is a book for advanced cybersecurity personnel and does demand additional resources to support its implementation. In this SECOND EDITION, the author adds several key improvements. He adds a chapter on Mission Planning: how to create a tactical planning process from your Incident Response team to your Cybersecurity Threat Intelligence (CTI) analysts to your Hunt team.
He also introduces readers to the growing interest in, and capabilities of, Cyber-Deception as the next step in cyber defense. This book is designed to implement the most extensive Cybersecurity-Threat Hunt Process (THP) for companies and agencies seeking to proactively determine whether intrusions into their Information Technology (IT) environments are actual and malicious. C-THP is the active ability for businesses or organizations to investigate, mitigate, and stop the “bad guys” in their tracks.
How do you select, collect, align, and integrate data and information for tracking daily operations and overall organizational security? How can you ensure that plans include every C-THP task and that all possibilities are considered and responded to by the Incident Response Team? How can you save time investigating and responding to strategic and tactical threats with limited resources? This book is designed to help you create a compelling and repeatable THP.
The book comes from the best-selling international cybersecurity author and lecturer, Dr. Mark Russo. He holds multiple cybersecurity certifications from several international bodies, including the International Information System Security Certification Consortium (ISC2), the premier certification body for cybersecurity, and the International Council of Electronic Commerce Consultants (EC-Council).
Dr. Russo, a retired intelligence officer from the United States Army, has extensive experience applying cybersecurity and threat intelligence expertise for over 20 years. His books are published in multiple languages, including Spanish, German, and French. He is considered to be a foremost authority on Cybersecurity Threat Intelligence (CTI) and the C-THP. He is the former Chief Information Security Officer (CISO) at the Department of Education.
He was responsible for clearing a backlog of over 5 years in security findings by the Inspector General’s Office and the House Oversight Committee. Don’t be fooled by writers who have neither professional certifications nor experience in the field of cybersecurity. Dr. Russo has worked the grassroots challenges of cyberspace throughout his detailed and extensive public and private sector security career. He will guide you, based on a proven track record of answers, to better understand and implement solutions efficiently and rapidly.