PDF Borderless Behavior Analytics Second Edition Who Inside? What're They Doing? Saryu Nayyar 9781986763332 Books

Product details Paperback 424 pages Publisher CreateSpace Independent Publishing Platform; 2 edition (April 2, 2018) Language English ISBN-10 1986763331

Borderless Behavior Analytics Second Edition Who Inside? What're They Doing? Saryu Nayyar 9781986763332 Books Reviews

• Very powerful book. The insights were very informative.
• “Borderless Behavior Analytics - Who’s Inside? What’re They Doing?” v2 features chapters by a dozen of America’s top CISOs and CSOs providing expert insights into the evolution of cyber security environments and the emergence of identity as the source of most of today’s more serious attacks.
  
  “This book, now in its second edition, represents one of the important new entries in the CIO and CISO’s library,” Vishal Solvi CISO, Infosys.
  
  2017 was not a stellar year for cybersecurity. The 11th installment of the Verizon Data Breach Investigations Report (DBIR) mentions that there were over 53,000 incidents and 2,216 confirmed data breaches. The Equifax data breach alone last year affected around 148 million Americans. 78% of breaches were perpetrated by outsiders, with 23% involving insiders (Note, some studies have this figure closer to 50%). Financial motives have been the major driver, followed by strategic advantage such as espionage. During 2017, Healthcare had the ignominious claim to fame as being the only industry vertical that had more internal individuals behind breaches than external.
  
  Today, the security boarder has all but disappeared. Security leaders should assume attackers are inside and that they must be detected. The most effective way to detect them and to find high risk is through their behavior. the task to identify and stop these attacks, only with human capacity, is impossible It requires a precise predictive behavior analytic solution, driven by advanced machine learning, drawing from big data for context, identifying the threats in near real-time . With machine learning, you can identify these proverbial needles in the haystack.
  
  Security and threats are not simply black (bad). There are virtually “50 shades of gray” within risky behavior and threats, which User Entity and Behavior Analytics help, identify and rate. These threats can originate from virtually anywhere. North Korea and Eastern Europe are cited the most often. Cybercriminals have extended their targets beyond just the Health Care, Financial, and government. Therefore, the contributors span a broad range of industries.
  
  Patrick Berry has performed a beyond meritorious job of tightening up and refreshing relevant text from version one, bringing additional clarity, and adding the insights from an additional five CIOs/CSOs to the second version, each individual delivering their own unique spin on the threats in their environment.
  
  BBA v2 should anchor a prominent location in your security library.
• This is one of my new favorite books in the identity and cybersecurity space. Saryu has brought together insights from over a dozen CISOs and CIOs give their views on the state of cybersecurity in the age of zero trust. The common thread in all of their perspectives is "the amplified view of the value of identity and access." I love the book not only because it covers a wide array of identity topics but because it is visionary in its view of what's important now and in the immediate future. I particularly appreciate that, in the end, Saryu takes the input of those contributing security professionals and uses them to provide clear requirements and use cases for what's next such things as Predictive Security Analysis, Identity Analytics, and User and Entity Behavior Analytics. A fantastic read for any security and/or identity professional.
• Dan Lohrmann at Gov Tech magazine said this about the first edition of this book "I am going so far as to say this is a MUST READ for understanding the next generation of security solutions..." This edition, with five new chapters, and updated content throughout, does not disappoint. Dherange's chapter on "Big Data in Security Analytics" provides two new "V's" describing big data (beyond the established Volume, Velocity, Variety, Veracity, Variability and Value) with 'Venue' and 'Vector'. These are critical concepts for understanding the emerging complexion of big data today, which is too often siloed and partitioned off, creating crippling inefficiencies. As well, Dherange states the term 'big data' is no longer adequately sufficient... Instead, he coins the term 'megascale data' as the new apt term for 'big data'... A visionary book, this is just one of many critical insights for the industry professional, and business leaders, as well as the interested layperson, written with a superb and accessible style.