Cybersecurity Strategy for the AI-Driven Era: Proven strategies and data-driven tactics to disrupt attacks and strengthen enterprise defenses, 3rd Edition

Build, evaluate, and measure effective cybersecurity strategies using real-world threat intelligence and lessons from decades of enterprise defense experience.

Key Features

• Apply data-driven strategies to protect, detect, and respond to modern cyber threats
• Evaluate Zero Trust, attack-centric, and resilience strategies for enterprise defense
• Address ransomware, API abuse, cloud risks, and AI system security
• Purchase of the print or Kindle book includes a free PDF eBook

Book Description

Designing a cybersecurity strategy that actually works is difficult when threats evolve faster than budgets, teams, and tools. This book helps security leaders cut through noise by focusing on how organizations are compromised, which strategies succeed, and how to measure outcomes.

Written by Tim Rains, a former Global Chief Security Advisor at Microsoft and senior security leader at AWS and Fortune-scale enterprises, this edition expands on the previous editions with major updates and new chapters. You will learn how threat intelligence, attack-centric security, intrusion kill chains, and MITRE ATT&CK can help defenders design stronger strategies.

New and expanded content covers ransomware, API security, “living off the land” attacks, resilience as a cybersecurity strategy, and the security of AI systems alongside practical guidance on using AI to improve security outcomes. This book takes a practical, evidence-based approach to cybersecurity strategy, helping you assess trade-offs, avoid costly missteps, and communicate clearly with executives and boards.

By the end of this book, you’ll be able to evaluate cybersecurity strategies more effectively, improve enterprise defenses, and communicate security priorities clearly to executives and boards.

What you will learn

• Identify common enterprise intrusion paths and reduce initial compromise
• Distinguish credible threat intelligence from industry noise
• Improve vulnerability management while reducing risk and cost
• Assess malware, ransomware, and internet-based attack techniques
• Secure APIs and reduce exposure from trusted enterprise tools
• Evaluate Zero Trust and attack-centric security strategies
• Apply cloud, resilience, and AI capabilities to improve security outcomes
• How governments request data and how enterprises manage access, risk, and oversight

Who this book is for

This book is for CISOs, CSOs, security leaders, architects, and cybersecurity professionals responsible for strategy, risk reduction, and compliance in enterprise environments. Readers should have a basic understanding of IT, networking, and core cybersecurity concepts.

Table of Contents

1. How Enterprises Get Hacked
2. What to Know About Threat Intelligence
3. Industry Vulnerability Disclosure Trends
4. Product Vulnerability Disclosure Trends
5. The Evolution of Malware
6. Internet-Based Threats
7. Application Programming Interface Security
8. Friend or Foe? The Roles Governments Play in Cybersecurity
9. Ingredients for a Successful Cybersecurity Strategy
10. Cybersecurity Strategies
11. Cybersecurity Strategy Implementation
12. Measuring Performance and Effectiveness
13. Modern Approaches to Security and Compliance
14. Mitigating “Living Off the Land” Techniques
15. Artificial Intelligence: Security of AI Systems and Using AI for Better Cybersecurity