相關主題
商品描述
Cyber Insecurity: Examining the Past, Defining the Future deals with the multifaceted world of cybersecurity, starting with the premise that while perfection in cybersecurity may be unattainable, significant improvements can be made through understanding history and fostering innovation. Vladas Leonas shares his journey from Moscow to Australia, highlighting his academic and professional milestones.
This book covers the evolution of cybersecurity from the late 1960s to the present, detailing significant events and technological advancements. The author emphasises the importance of simplicity in technology projects, citing complexity as a major hindrance to success. The book also discusses the impact of the digital revolution, using the example of a global IT outage caused by a faulty software update.
Project management methodologies are explored, tracing their origins from ancient civilisations to modern techniques such as CPM and PERT. The concept of cloud computing is examined, highlighting its benefits and potential security issues. The evolution and advantages of SaaS solutions are also discussed, noting their increased adoption during the COVID-19 pandemic.
The author then addresses supply chain challenges, using real-world examples to illustrate vulnerabilities. He traces the history of communication methods leading up to TCP/IP and discusses the development and importance of DNS. The differences between compliance and conformance in cybersecurity are clarified, emphasising that compliance does not equate to security.
Key cybersecurity standards such as the NIST CSF and ISO/IEC 27000 series are examined. The book also covers the Essential 8, a set of cybersecurity controls developed by the Australian Signals Directorate. The convergence of OT and IoT is discussed, highlighting the cybersecurity risks associated with this integration.
Emerging threats from AI and quantum computing are explored, noting their potential to both advance and threaten cybersecurity. The evolving legal landscape of cybersecurity is also covered, emphasising the need for international cooperation and innovative legal solutions.
In conclusion, the book stresses the importance of critical thinking and a holistic approach to cybersecurity, advocating for simplicity and foundational practices to enhance security.
商品描述(中文翻譯)
《網路安全的脆弱性:檢視過去,定義未來》探討了網路安全的多面向世界,從一個前提開始,即雖然在網路安全上達到完美可能是無法實現的,但透過理解歷史和促進創新,可以取得顯著的改善。Vladas Leonas 分享了他從莫斯科到澳洲的旅程,突顯了他的學術和職業里程碑。
本書涵蓋了從1960年代末到現在的網路安全演變,詳細說明了重要事件和技術進步。作者強調了技術專案中簡單性的重要性,並指出複雜性是成功的主要障礙。書中還討論了數位革命的影響,以全球IT故障的例子來說明,該故障是由於一個有缺陷的軟體更新所引起的。
本書探討了專案管理方法論,追溯其起源從古代文明到現代技術,如CPM和PERT。雲端運算的概念也被檢視,突顯其優點和潛在的安全問題。SaaS解決方案的演變和優勢也被討論,並指出在COVID-19疫情期間其採用率的增加。
接著,作者針對供應鏈挑戰進行了探討,使用現實世界的例子來說明脆弱性。他追溯了通訊方法的歷史,直至TCP/IP,並討論了DNS的發展和重要性。書中澄清了網路安全中合規性和一致性之間的差異,強調合規性並不等於安全性。
本書檢視了關鍵的網路安全標準,如NIST CSF和ISO/IEC 27000系列。書中還涵蓋了Essential 8,這是一組由澳洲信號局開發的網路安全控制措施。OT和IoT的融合也被討論,突顯了與此整合相關的網路安全風險。
本書探討了來自AI和量子計算的新興威脅,指出它們在推進和威脅網路安全方面的潛力。網路安全的法律環境也被涵蓋,強調了國際合作和創新法律解決方案的必要性。
總之,本書強調了批判性思維和整體性方法在網路安全中的重要性,倡導簡單性和基礎實踐以增強安全性。
作者簡介
Vladas Leonas has over 45 years of experience in ICT and cybersecurity, which includes a variety of public and private sector industries as well as tertiary education organisations. He is also a member of the Commonwealth and NSW Governments ICT Assurance Panels and a formally trained auditor (ISO 9001 and ISO27001). Over the last seven years, Vladas consulted a number of organisations, including UNSW, icare (NSW State Workers Compensation Insurance Company) and a variety of NSW Government Departments. He is also the author of 50+ publications and an internationally recognised speaker. He is an Adjunct Professor at the Australian Graduate School of Leadership and a Principal Supervisor of four doctoral students. He is a subject matter expert and specialises in ICT strategies, their implementation and ICT operations, gateway reviews and internal audits, enterprise risk management, cybersecurity, governance, procurement and compliance. Over the last 25 years, Dr Leonas has held eight CIO and CTO positions. He earned a doctoral degree at the Moscow Aviation Institute and a GAICD from AICD via AGSM in Sydney. He is a Fellow of the Australian Computer Society and a Fellow of the Institute of Engineers Australia.
作者簡介(中文翻譯)
弗拉達斯·萊奧納斯在資訊與通信技術(ICT)及網路安全領域擁有超過45年的經驗,涵蓋了多個公共及私營部門行業以及高等教育機構。他同時是英聯邦及新南威爾士州政府ICT保證小組的成員,並且是一名經過正式訓練的審計師(ISO 9001和ISO 27001)。在過去七年中,弗拉達斯為多個機構提供諮詢服務,包括新南威爾士大學(UNSW)、icare(新南威爾士州工人賠償保險公司)以及多個新南威爾士州政府部門。他也是50多篇出版物的作者,並且是一位國際知名的演講者。他是澳大利亞領導力研究生院的兼任教授,並且是四名博士生的主要指導教授。他是一位主題專家,專注於ICT策略、其實施及ICT運營、門戶審查和內部審計、企業風險管理、網路安全、治理、採購及合規。在過去25年中,萊奧納斯博士擔任過八個首席資訊官(CIO)和首席技術官(CTO)職位。他在莫斯科航空學院獲得博士學位,並通過悉尼的AGSM獲得AICD的GAICD。他是澳大利亞計算機學會的院士,也是澳大利亞工程師學會的院士。
