Richard O. Moore, III - Cyber Intelligence-Driven Risk

1 Cover

2 Title Page Cyber Intelligence-Driven Risk How to Build and Use Cyber Intelligence for Business Risk Decisions RICHARD O. MOORE III, MSIA, CISSP, CISM

3 Copyright

4 Preface NOTES

5 Acknowledgments

6 Introduction NOTES NOTES

7 CHAPTER 1: Objectives of a Cyber Intelligence-Driven Risk Program NOTES NOTES

8 CHAPTER 2: Importance of Cyber Intelligence for Businesses NOTES NOTES

9 CHAPTER 3: Military to Commercial Viability of the CI-DR™ Program NOTES NOTES

10 CHAPTER 4: CI-DR™ Security Program Components NOTES NOTE

11 CHAPTER 5: Functional Capabilities of the CI-DR TMProgram NOTES NOTES

12 CHAPTER 6: CI-DR™ Key Capability Next-Generation Security Operations Center NOTES NOTES

13 CHAPTER 7: CI-DR™ Key Capability Cyber Threat Intelligence NOTES NOTES

14 CHAPTER 8: CI-DR™ Key Capability Forensic Teams NOTES

15 CHAPTER 9: CI-DR™ Key Capability Vulnerability Management Teams NOTES NOTES

16 CHAPTER 10: CI-DR™ Key Capability Incident Response Teams NOTES

17 CHAPTER 11: CI-DR™ Collection Components NOTES NOTE

18 CHAPTER 12: CI-DR™ Stakeholders NOTES

19 Conclusion

20 Glossary

21 About the Author and Chapter AuthorsRICHARD O. MOORE III, MSIA, CISSP, CISM, AUTHOR AND EDITOR STEVEN JOHNSON, DSC, CISM, CISSP, CCE #1463 DEREK OLSON, CISSP, CISM STEVEN M DUFOUR, ISO LEADER AUDITOR, CERTIFIED QUALITY MANAGER

22 Index

23 End User License Agreement

1 Introduction FIGURE I.1 CI-DR's business value.

2 Chapter 2 FIGURE 2.1 CI-DR™ Cyber intelligence life cycle.

3 Chapter 4FIGURE 4.1 CI-DR™ maturity.FIGURE 4.2 CI-DR™ functions and capabilities.

4 Chapter 5FIGURE 5.1 Vulnerability trending metrics.FIGURE 5.2 Risk and control success.FIGURE 5.3 Asset risk assessment.FIGURE 5.4 Assets to architecture.FIGURE 5.5 Assets to coordination.FIGURE 5.6 Application threat trending.FIGURE 5.7 Exception trending.

5 Chapter 7FIGURE 7.1 Threat reporting.

6 Chapter 12FIGURE 12.1 CI-DR and AI compatibility.

1 Cover Page

2 Table of Contents

3 Begin Reading

1 iii

2 iv

3 vii

4 viii

5 ix

6 x

7 xi

8 xii

9 xiii

10 xv

11 xvi

12 xvii

13 xviii

14 xix

15 xx

16 xxi

17 1

18 2

19 3

20 4

21 5

22 6

23 7

24 8

25 9

26 10

27 11

28 12

29 13

30 14

31 15

32 16

33 17

34 18

35 19

36 20

37 21

38 22

39 23

40 24

41 25

42 26

43 27

44 28

45 29

46 30

47 31

48 32

49 33

50 34

51 35

52 36

53 37

54 38

55 39

56 41

57 42

58 43

59 44

60 45

61 46

62 47

63 48

64 49

65 50

66 51

67 52

68 53

69 54

70 55

71 56

72 57

73 58

74 59

75 60

76 61

77 63

78 64

79 65

80 66

81 67

82 68

83 69

84 70

85 71

86 72

87 73

88 74

89 75

90 76

91 77

92 78

93 79

94 80

95 81

96 82

97 83

98 84

99 85

100 87

101 88

102 89

103 90

104 91

105 92

106 93

107 94

108 95

109 96

110 97

111 98

112 99

113 100

114 101

115 102

116 103

117 105

118 106

119 107

120 108

121 109

122 110

123 111

124 112

125 113

126 114

127 115

128 116

129 117

130 118

131 119

132 120

133 121

134 122

135 123

136 124

137 125

138 126

139 127

140 128

141 129

142 130

143 131

144 132

145 133

146 135

147 136

148 137

149 139

150 140

151 141

152 142

153 143

154 144

155 145

156 146

157 147

158 149

159 150

160 151

161 152

162 153

163 154

164 155

165 156

166 157

167 158

168 159

169 160

170 161

171 162

RICHARD O. MOORE III, MSIA, CISSP, CISM

Copyright © 2021 by John Wiley & Sons, Inc. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993, or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Cataloging-in-Publication Data

Names: Moore, Richard O., III, 1971- author.

Title: Cyber intelligence-driven risk : how to build and use cyber intelligence for business risk decisions / by Richard O. Moore III, MSIA, CISSP, CISM.

Description: Hoboken, New Jersey : John Wiley & Sons, [2021] | Includes bibliographical references and index.

Identifiers: LCCN 2020035540 (print) | LCCN 2020035541 (ebook) | ISBN 9781119676843 (cloth) | ISBN 9781119676911 (adobe pdf) | ISBN 9781119676898 (epub)

Subjects: LCSH: Business enterprises—Security measures. | Data protection. | Cyber intelligence (Computer security) | Risk management.