This comprehensive introduction to the information security field covers the industry’s essential concepts, using real-world security breaches to illustrate key lessons.
Cybersecurity is critical to protecting data, systems, and people. Whether you’re new to the field, an IT professional strengthening your skills, or a manager shaping security policy, Foundations of Cybersecurity provides the knowledge and practice you need.
Building on the first edition (Foundations of Information Security), this updated guide covers the essentials: authentication, authorization, and auditing; cryptography; security architecture; threat assessment; network and OS hardening; application and IoT security; incident response; compliance; and the human factors attackers exploit.
You’ll learn how to:
- Apply the core principles of security across systems and networks
- Defend against emerging threats like AI-driven attacks and IoT vulnerabilities
- Manage incident response and governance, risk, and compliance (GRC)
- Strengthen defenses against social engineering and insider threats
- Explore career paths and skills for a future in cybersecurity
What’s New in This Edition
Includes a new chapter on AI security, expanded coverage of security operations and governance, and practical “Down the Rabbit Hole” labs in every chapter to help you practice real-world skills.
Whether you’re new to the field, strengthening your skills, or guiding a team, this book will help you build a solid foundation for protecting systems, data, and people.
Table of Contents
Acknowledgments
Introduction
PART I: CORE PRINCIPLES
Chapter 1: What Is Cybersecurity?
Chapter 2: The Threat Landscape
Chapter 3: Identification and Authentication
Chapter 4: Authorization and Access Controls
Chapter 5: Auditing and Accountability
Chapter 6: Cryptography
PART II: ARCHITECTURE, INFRASTRUCTURE, AND SYSTEM SECURITY
Chapter 7: Security Architecture
Chapter 8: Network Security
Chapter 9: Operating System Security
Chapter 10: Mobile, Embedded, and Internet of Things Security
Chapter 11: Application Security
Chapter 12: AI Security
PART III: SECURITY OPERATIONS AND MANAGEMENT
Chapter 13: SecOps, the SOC, and Incident Response
Chapter 14: Governance, Risk, and Compliance
Chapter 15: Vulnerability Assessments and Penetration Testing
PART IV: HUMAN FACTORS AND PROFESSIONAL DEVELOPMENT
Chapter 16: Social Engineering
Chapter 17: Security Awareness
Chapter 18: So You Want to Be a Security Professional
Notes
Index