Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats

Enterprise Cybersecurity empowers organizations of all sizes to defend themselves with next-generation cybersecurity programs against the escalating threat of modern targeted cyberattacks. This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program. It enables an enterprise to architect, design, implement, and operate a coherent cybersecurity program that is seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.

Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent attacker can eventually defeat defensive measures protecting an enterprise’s computer systems and IT networks.

To prevail, an enterprise cybersecurity program must manage risk by detecting attacks early enough and delaying them long enough that the defenders have time to respond effectively. Enterprise Cybersecurit shows players at all levels of responsibility how to unify their organization’s people, budgets, technologies, and processes into a cost-efficient cybersecurity program capable of countering advanced cyberattacks and containing damage in the event of a breach.

The authors of Enterprise Cybersecurity explain at both strategic and tactical levels how to accomplish the mission of leading, designing, deploying, operating, managing, and supporting cybersecurity capabilities in an enterprise environment. The authors are recognized experts and thought leaders in this rapidly evolving field, drawing on decades of collective experience in cybersecurity and IT. In capacities ranging from executive strategist to systems architect to cybercombatant, Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam have fought on the front lines of cybersecurity against advanced persistent threats to government, military, and business entities.

What you’ll learn

Executives, managers, architects, IT professionals, customers and vendors of cybersecurity services, and engineering students will learn from this book

• How to create a data-driven and objectively-managed cybersecurity program optimally tailored to your organization
• How to organize, assess, and score cybersecurity programs using the authors’ enterprise cybersecurity architecture scheme
• The methodology of targeted attacks and why they succeed
• The processes of cybersecurity risk management, capability assessment, scope selection, operations, and supporting information systems
• How to audit and report your cybersecurity program in compliance with regulatory frameworks
• How cybersecurity is evolving and projected to evolve

About the Authors

Scott E. Donaldson is a Senior Vice President for Leidos, Inc., a Fortune 500 company that provides scientific, engineering, systems integration, and technical services. He is the Chief Technology Officer (CTO) and IT Director for its Heath and Engineering Sector.

Stanley G. Siegel has more than 40 years of experience as a systems engineer, mathematician, computer scientist, and nuclear physicist. He teaches software systems engineering at Johns Hopkins University, and has co-authored four books on the subject.

Chris K. Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has been designing, deploying, and operating cybersecurity solutions for government and commercial clients for over 20 years, and holds a patent for e-commerce technology.

Abdul Aslam is the Director of Cyber Security Compliance and Risk Management for Leidos, Inc. He has 19 years of experience in devising risk acceptance and compliance frameworks, application security, security operations and information protection.