
Resources for a More Secure 2015

With 2015 on the horizon, you may be thinking about and making plans for improving the effectiveness of your security operations in the coming year. Whether you consider these changes "resolutions" or not, what’s most important – other than actually following through – is focusing your efforts on people and process improvements first, before implementing new technologies.

So, while we strongly encourage you to evaluate and buy SecurityCenter Continuous View™, Nessus® Enterprise or Nessus, our fundamental mission is to defend cyberspace from the activities of hackers, thieves and spies – and thus, help ensure the integrity of your business. With that in mind, we’ve put together a list of resources to help get your 2015 resolutions on the right track.

We hope this collection spurs ideas, discussion and greater security for your organization in 2015. Enjoy the holidays!


Webcast

Look Back, and Smile on Perils Past... Hosted by Jack Daniel and Gavin Millard – 2pm ET, December 11, 2014. There’s no predicting the next major vulnerability. When it happens, you need a well-conceived, fully operationalized vulnerability management practice.

Books

  • Threat Modeling: Designing for Security, by Adam Shostack – With pages of specific actionable advice, Shostack details how to build better security into the design of systems, software, or services from the outset.
  • Into the Breach: Protect Your Business by Managing People, Information, and Risk, by Michael Santarcangelo II – Into the Breach answers the question, “What happens when breach is only a symptom?” Santarcangelo offers a bold and refreshing look at addressing the challenges of protecting information to reveal the real challenge as a human paradox.
  • The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win, by Gene Kim, Kevin Behr and George Spafford – In a fast-paced and entertaining style, three luminaries of the DevOps movement deliver a story that anyone who works in IT will recognize. Readers will not only learn how to improve their own IT organizations, they'll never view IT the same way again.
  • PCI Compliance, Fourth Edition: Understand and Implement Effective PCI Data Security Standard Compliance, by Branden Williams and Anton Chuvakin – The new Fourth Edition has been revised to follow the new PCI DSS standard version 3.0.
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response, by Richard Bejtlich – The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.
  • Normal Accidents, by Charles Perrow – Analyzes the social side of technological risk and argues that the conventional engineering approach to ensuring safety – building in more warnings and safeguards – fails because systems complexity makes failures inevitable.
  • Systemantics: How Systems Work and Especially How They Fail, by John Gall with drawings by R.O. Blechman – On a more humorous note, this out-of-print classic is highly giftable and often relevant to security, as well. Did you think "Dilbert" was the first humor casualty of the internet age? Far from it!
  • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon, by Kim Zetter – Tells the story behind the virus that sabotaged Iran’s nuclear efforts and shows how its existence has ushered in a new age of warfare...

Research Reports

Note: Links to Amazon.com provided for your convenience only.