This is a summary of the book “The Cybersecurity Playbook: How Every Leader
and Employee Can Contribute to a Culture of Security,” written
by Allison Cerra and published by Wiley in 2019. The author draws upon years of
fighting hacking and cybercrime to produce a practical checklist for employees
at all levels and in all disciplines, so that a cybersecurity mindset becomes
part of the culture. These good habits can thwart attacks and boost
preparedness. She calls on product designers to build security into
network-connected products from the ground up. She calls on human resources to increase
awareness, capabilities, and resilience. Security breaches must be clearly communicated,
and the response plan must be detailed. Since risk management is part of cybersecurity
initiatives, the finance office must also be involved. The CISO (Chief
Information Security Officer) can coordinate and maintain the ultimate
responsibility.
Corporate cybersecurity relies heavily on employees' good
habits, as one in five security breaches involves a negligent employee's
mistake. Key practices include creating strong passwords, changing them
frequently, and not reusing them. Employees should be familiar with common
hacker tactics, such as phishing emails, and should check with IT security
before using cloud services and tools. Using encrypted thumb drives, reporting
suspicious emails, and never leaving sensitive information unattended are
essential.
Convincing employees to adopt these practices is challenging, as those
responsible for cybersecurity often operate in the shadows. CISOs and their
teams must weave safe practices and habits into the organization's culture to
prepare for attacks and minimize damage. Cybersecurity preparedness requires
the combined efforts of all parts of the organization, led by a CISO. The
talent market for cybersecurity professionals is also struggling, with new
techniques appearing daily.
Cybercriminals organize online communities on the Dark Web, sharing information
and strategies. CEOs and board members must recognize that cybersecurity is a
continuously escalating battle with measures and countermeasures, and no single
tool can solve the problem.
Cybersecurity is a crucial investment for businesses, and it
should be prioritized in every board meeting. The CISO should present and
update the board on strategic risk management, explaining how the firm is
protecting its most important assets. Regular updates from the CISO can help
earmark security budgets for protecting these assets. Product designers must
build security into network-connected products and devices from the ground up,
as recent hacker attacks have highlighted the need for greater risk in every
adoption of technology. Developers should make security a priority in product
design, building security features as requirements and assigning accountability
for continuous security monitoring and upkeep throughout the product life
cycle.
Human resources plays a crucial role in building
cybersecurity awareness, capabilities, and resilience. A shortage of IT
security talent is prevalent, with HR professionals sourcing candidates from
atypical places and with less obvious credentials, such as women. HR should
lead the charge in training employees in good cybersecurity practices, adjust
reward programs, review personnel access to sensitive data, add questions to
job interviews, and ensure every executive has at least one
cybersecurity-related metric in their performance plan.
Developing and practicing a detailed communications and response plan to major
security breaches is essential. Hacker stealth is a frightening aspect of
cybersecurity, and firms should report breaches immediately to reduce damage
and serve customers ethically. Preparing ahead of a breach involves scenario
planning, developing a full communications plan, and preparing responses for
tough questions.
CISOs must reframe their conversations with CFOs from a focus on ROI to one of
risk management, estimating financial damage and potential avoidance of losses.
CFOs should hold CISOs accountable for their past resource use and training.
CFOs and CISOs must ensure the corporate supply chain
adheres to IT security standards, including outsourcing partners, suppliers,
and new products or platforms. CISOs must balance policing employees with
preventing a free-for-all that puts the firm at risk. They must translate
threats into strategy and risks, making clear that potential attacks put revenue and
strategic objectives at risk. CISOs should also share phishing test results and
maintain basic security best practices. AI is a weapon in both the company's
cybersecurity arsenal and its enemies' arsenals. CISOs must work closely with
CIOs, agreeing on metrics, penetration testing schedules, and planned
purchases. AI can automate threat detection but also results in more false
positives, requiring resources to investigate. Organizations must develop a
"sixth sense" for detecting threats and breaches, which can only be
achieved when cybersecurity infuses the culture.
Previous book summary: BookSummary94.docx
Summarizing Software: SummarizerCodeSnippets.docx
#codingexercise
Given a string of digits, count the number of subwords (contiguous subsequences) that are anagrams of any palindrome.
import java.util.HashMap;
import java.util.Map;

public class Solution {
    // Counts the subwords of length >= 2 whose digits can be rearranged into a palindrome.
    public static int getSubWords(String digits) {
        int count = 0;
        // k is the distance between the first and last index, so each word has length k + 1
        for (int k = 1; k < digits.length(); k++) {
            for (int i = 0; i < digits.length(); i++) {
                int end = i + k;
                if (end < digits.length()) {
                    String word = digits.substring(i, end + 1);
                    if (isAnagram(word)) {
                        count++;
                    }
                }
            }
        }
        return count;
    }

    // Returns true if the characters of word can be rearranged into a palindrome.
    public static boolean isAnagram(String word) {
        Map<Character, Integer> charMap = new HashMap<>();
        for (int i = 0; i < word.length(); i++) {
            if (charMap.containsKey(word.charAt(i))) {
                charMap.put(word.charAt(i), charMap.get(word.charAt(i)) + 1);
            } else {
                charMap.put(word.charAt(i), 1);
            }
        }
        if (word.length() % 2 == 1) {
            // count of only one element must be odd
            return charMap.values().stream().filter(x -> x % 2 == 1).count() == 1;
        } else {
            // count of all elements must be even
            return charMap.values().stream().filter(x -> x % 2 == 0).count() == charMap.size();
        }
    }
}
test:
14641
2