Free Shipping in Australia
Proud to be B-Corp

Cybersecurity First Principles: A Reboot of Strategy and Tactics Rick Howard

Cybersecurity First Principles: A Reboot of Strategy and Tactics By Rick Howard

Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard

Condition - Very Good
Out of stock

Cybersecurity First Principles: A Reboot of Strategy and Tactics Summary

Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard

The first expert discussion of the foundations of cybersecurity

In Cybersecurity First Principles, Rick Howard, the Chief Security Officer, Chief Analyst, and Senior fellow at The Cyberwire, challenges the conventional wisdom of current cybersecurity best practices, strategy, and tactics and makes the case that the profession needs to get back to first principles. The author convincingly lays out the arguments for the absolute cybersecurity first principle and then discusses the strategies and tactics required to achieve it.

In the book, you'll explore:

  • Infosec history from the 1960s until the early 2020s and why it has largely failed
  • What the infosec community should be trying to achieve instead
  • The arguments for the absolute and atomic cybersecurity first principle
  • The strategies and tactics to adopt that will have the greatest impact in pursuing the ultimate first principle
  • Case studies through a first principle lens of the 2015 OPM hack, the 2016 DNC Hack, the 2019 Colonial Pipeline hack, and the Netflix Chaos Monkey resilience program
  • A top to bottom explanation of how to calculate cyber risk for two different kinds of companies

This book is perfect for cybersecurity professionals at all levels: business executives and senior security professionals, mid-level practitioner veterans, newbies coming out of school as well as career-changers seeking better career opportunities, teachers, and students.

About Rick Howard

RICK HOWARD is the Chief Analyst and Senior Fellow at The CyberWire, the world's largest cybersecurity podcast network, and the CSO of N2K (The CyberWire's parent company). He's been a CSO for Palo Alto Networks, TASC, and a former Commander for the U.S. Army's Computer Emergency Response Team. He helped found the Cyber Threat Alliance (an ISAO for security vendors) and the Cybersecurity Canon Project (a Rock & Roll Hall of Fame for cybersecurity books).

Table of Contents

Who We Are xxi

Introduction 1

Who Is This Book For?

What the Book Covers

Writing Conventions

Road Map

1 First Principles 9


What Are First Principles?

What Is the Atomic Cybersecurity First Principle?


2 Strategies 41


Strategies vs. Tactics

What Are the Essential Strategies Required for a First

Principle Infosec Program?

Zero Trust Strategy Overview-

Intrusion Kill Chain Prevention Strategy Overview

Resilience Strategy Overview

Risk Forecasting Strategy Overview

Automation Strategy Overview


3 Zero Trust 57


The Use Case for Zero Trust: Edward Snowden

Zero Trust: Overhyped in the Market but.

Cyber Hygiene, Defense in Depth, and Perimeter Defense:

Zero Trust Before We Had Zero Trust

Zero Trust Is Born

Zero Trust Is a Philosophy, Not a Product

Meat- and- Potatoes Zero Trust

Logical and Micro Segmentation

Vulnerability Management: A Zero Trust Tactic

Software Bill of Materials: A Zero Trust Tactic

Identity Management: A Tactic for Zero Trust

Single Sign- On: A Zero Trust Tactic

Two- Factor Authentication: A Tactic for Zero Trust

Software- Defined Perimeter: A Tactic for Zero Trust

Why Zero Trust Projects Fail


4 Intrusion Kill Chain Prevention 121


The Beginnings of a New Idea

The Lockheed Martin Kill Chain Paper

Kill Chain Models

Cyber Threat Intelligence Operations as a Journey

Red/Blue/Purple Team Operations: A Tactic for Intrusion

Kill Chain Prevention

Intelligence Sharing: A Tactic for Intrusion Kill Chain



5 Resilience 203


What Is Resilience?

Crisis Handling: A Tactic for Resilience

Backups: A Tactic for Resilience

Encryption: A Tactic for Resilience

Incident Response: A Tactic for Resilience


6 Risk Forecasting 255


Superforecasting, Fermi Estimates, and Black Swans

Bayes Rule: A Different Way to Think About

Cybersecurity Risk

Risk Forecasting with the Bayes Rule: A Practical



7 Automation 307


Why Security Automation Is Essential

Early History of Software Development Philosophies

DevSecOps: An Essential Tactic for Automation

Compliance: A First Principle Tactic That Cuts Across

All Strategies

Chaos Engineering for Automation and Resilience


8 Summation 341


Zero Trust


Index 351

Additional information

Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard
Used - Very Good
John Wiley & Sons Inc
Book picture is for illustrative purposes only, actual binding, cover or edition may vary.
This is a used book - there is no escaping the fact it has been read by someone else and it will show signs of wear and previous use. Overall we expect it to be in very good condition, but if you are not entirely satisfied please get in touch with us

Customer Reviews - Cybersecurity First Principles: A Reboot of Strategy and Tactics