The Cybersecurity Trinity: Artificial Intelligence, Automation, and Active Cyber Defense

Wendt, Donnie

  • 出版商: Apress
  • 出版日期: 2025-01-08
  • 售價: $2,060
  • 貴賓價: 9.5$1,957
  • 語言: 英文
  • 頁數: 390
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 9798868809460
  • ISBN-13: 9798868809460
  • 相關分類: 人工智慧資訊安全
  • 尚未上市,無法訂購

相關主題

商品描述

This book explores three crucial topics for cybersecurity professionals: artificial intelligence (AI), automation, and active cyber defense (ACD). The Cybersecurity Trinity will provide cybersecurity professionals with the necessary background to improve their defenses by harnessing the combined power of these three concepts. The book is divided into four sections, one addressing each underlying concept and the final section discussing integrating them to harness their full potential.

With the expected growth of AI and machine learning (ML), cybersecurity professionals must understand its core concepts to defend AI and ML-based systems. Also, most cybersecurity tools now incorporate AI and ML. However, many cybersecurity professionals lack a fundamental understanding of AI and ML. The book's first section aims to demystify AI and ML for cybersecurity practitioners by exploring how AI and ML systems work, where they are vulnerable, and how to defend them.

Next, we turn our attention to security automation. Human-centered cyber defense processes cannot keep pace with the threats targeting organizations. Security automation can help defenders drastically increase the speed of detection and response. This section will discuss core use cases that security teams can implement, including intelligence processing, incident triage, detection, and response. This section will end with strategies for a successful security automation implementation and strategies that can lead to failure.

Accelerating the defense is but one side of the equation. Defenders can also implement ACD methods to disrupt and slow the attacker. Of course, ACD spans a broad spectrum, including some that could raise legal and ethical concerns. This section will explore some ACD methods and discuss their applicability, as well as the need to include business, legal, and ethical considerations when implementing them.

Security teams often treat AI, automation, and ACD as disparate solutions, addressing specific problems. However, there is much overlap, and security teams must develop a cohesive approach to realize the full potential. The last section combines these three concepts to form a comprehensive strategy. The resulting strategy will have AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

What You Will Learn:

  • Understand the many uses of AI and ML and the concepts underpinning these technologies.
  • Learn how to protect AI and ML systems by recognizing the vulnerabilities throughout their lifecycle.
  • Integrate AI and ML-based systems to enhance cybersecurity.
  • Develop security automation processes to enhance situation awareness, speed the time to respond, and increase the bandwidth of the limited security operations staff.
  • Develop an ACD strategy to slow the attackers while minimizing legal and ethical concerns.
  • Design a comprehensive strategy with AI as the foundation, incorporating automation to speed up defense and ACD to disrupt the attacker.

Who This Book is for:

The primary audience is cybersecurity professionals looking to improve their organization's security posture by leveraging AI and ML-based security tools and combining them into a comprehensive strategy incorporating automation and ACD. This target audience will have a cybersecurity background and an interest in AI and ML.

Higher education would be a secondary audience.

商品描述(中文翻譯)

本書探討了對於網路安全專業人士來說三個關鍵主題:人工智慧(AI)、自動化和主動網路防禦(ACD)。《網路安全三位一體》將為網路安全專業人士提供必要的背景知識,以利用這三個概念的綜合力量來改善其防禦。本書分為四個部分,分別針對每個基本概念,最後一部分則討論如何整合這些概念以發揮其全部潛力。

隨著AI和機器學習(ML)的預期增長,網路安全專業人士必須理解其核心概念,以保護基於AI和ML的系統。此外,現在大多數網路安全工具都整合了AI和ML。然而,許多網路安全專業人士對AI和ML缺乏基本的理解。本書的第一部分旨在為網路安全從業者揭開AI和ML的神秘面紗,探討AI和ML系統的運作方式、其脆弱之處以及如何防禦它們。

接下來,我們將注意力轉向安全自動化。以人為中心的網路防禦過程無法跟上針對組織的威脅。安全自動化可以幫助防禦者大幅提高檢測和響應的速度。本部分將討論安全團隊可以實施的核心使用案例,包括情報處理、事件分級、檢測和響應。本部分將以成功實施安全自動化的策略和可能導致失敗的策略作結。

加速防禦只是方程式的一個方面。防禦者還可以實施ACD方法來干擾和減緩攻擊者的行動。當然,ACD涵蓋了廣泛的範疇,其中一些可能引發法律和倫理問題。本部分將探討一些ACD方法,並討論其適用性,以及在實施時需要考慮商業、法律和倫理因素的必要性。

安全團隊通常將AI、自動化和ACD視為各自獨立的解決方案,針對特定問題。然而,這三者之間有許多重疊,安全團隊必須發展出一個有凝聚力的方法,以實現其全部潛力。最後一部分將這三個概念結合起來,形成一個綜合策略。最終的策略將以AI為基礎,結合自動化以加速防禦,並利用ACD來干擾攻擊者。

您將學到的內容:
- 理解AI和ML的多種用途及其背後的概念。
- 學習如何通過識別AI和ML系統在其生命周期中的脆弱性來保護這些系統。
- 整合基於AI和ML的系統以增強網路安全。
- 發展安全自動化流程,以增強情境意識、加快響應時間並提高有限的安全運營人員的工作效率。
- 制定ACD策略,以減緩攻擊者的行動,同時最小化法律和倫理問題。
- 設計一個以AI為基礎的綜合策略,結合自動化以加速防禦和ACD以干擾攻擊者。

本書的讀者對象:
主要讀者是希望通過利用基於AI和ML的安全工具並將其結合成一個包含自動化和ACD的綜合策略來改善其組織安全狀態的網路安全專業人士。這一目標讀者將具備網路安全背景並對AI和ML感興趣。

高等教育將是次要讀者對象。

作者簡介

Donnie Wendt is a distinguished cybersecurity professional with extensive expertise in researching security threats and pioneering innovative solutions. He has broad practical experience implementing numerous cybersecurity solutions and is an accomplished presenter on securing machine learning, generative AI, security automation, and deception. In addition to his professional experience, Donnie is an adjunct professor of cybersecurity at Utica University. He earned a Doctorate in Computer Science from Colorado Technical University and a Master's in Cybersecurity from Utica University. After over 30 years in information technology, Donnie wants to share his knowledge with others.

The initial concept for the book arose from Donnie's doctoral dissertation, where he researched using security automation and deception to address both sides of the cyber defense equation. Over the past several years, AI has come to the forefront and is now used in many products, including cybersecurity solutions. Donnie realized that AI-powered solutions could provide the foundation to enhance his prior research. However, despite the prevalence of AI, many cybersecurity professionals do not understand its core concepts. Therefore, Donnie began his quest to educate colleagues on AI's power and associated risks.

作者簡介(中文翻譯)

Donnie Wendt 是一位傑出的網路安全專業人士,擁有廣泛的研究安全威脅和開創創新解決方案的專業知識。他在實施多種網路安全解決方案方面擁有豐富的實務經驗,並且在機器學習、安全自動化和欺騙技術的安全性方面是一位出色的演講者。除了專業經驗外,Donnie 還是 Utica University 的網路安全兼任教授。他在 Colorado Technical University 獲得計算機科學博士學位,並在 Utica University 獲得網路安全碩士學位。在資訊科技領域工作超過 30 年後,Donnie 希望與他人分享他的知識。

這本書的初步概念源自 Donnie 的博士論文,他在論文中研究了如何利用安全自動化和欺騙技術來解決網路防禦的雙面問題。在過去幾年中,人工智慧 (AI) 已經成為焦點,並且現在被應用於許多產品中,包括網路安全解決方案。Donnie 意識到,基於 AI 的解決方案可以為他之前的研究提供基礎。然而,儘管 AI 的普及,許多網路安全專業人士仍然不理解其核心概念。因此,Donnie 開始了教育同事有關 AI 的力量和相關風險的探索之旅。