Building an Intelligence-Led Security Program ReviewsBuilding Program News]

[wpramazon asin=”0128021454″]
[wpramazon asin=”1522912754″]

Related Building Program Products

3 Responses to Building an Intelligence-Led Security Program ReviewsBuilding Program News]

  • B Gutz says:
    5 of 5 people found the following review helpful
    3.0 out of 5 stars
    Valuable ideas that you can leverage for greater security., January 13, 2015
    By 
    B Gutz (MN) –

    Verified Purchase(What’s this?)
    This review is from: Building an Intelligence-Led Security Program (Paperback)
    For myself the one thing more than anything else the author has missed is that the center of network and system security is always what and where is the data, where are the crown jewels? Its not that its not encompassed in the pages but for myself I think this is the one thing in security and in this book and most others that needs to be in plain English so it doesn’t get lost. My other little quibble is the book has more material cited than a college text book and even though this is the correct way to do things its a little overwhelming. The last two chapters seem to be more forced on to the book rather than integrated but still worth a look. Still pointing out different resources and what can be gained and how it can be integrated is extremely helpful. Rcommended but do have a little patience with the style, the material itself is well worth while!

    Overall I would certainly buy this book again, and it presents a wide scope of useful information, and the authors overall depth and considerations are solid. This book belongs in the library of anyone concerned with such a subject and network intelligence.

    Help other customers find the most helpful reviews 

    Was this review helpful to you? Yes
    No

  • Amber says:
    6 of 11 people found the following review helpful
    1.0 out of 5 stars
    Very Disappointing, January 26, 2015
    By 
    Amber

    This review is from: Building an Intelligence-Led Security Program (Paperback)
    I was very much forward to reading this book as I work in the field. However, I was very disappointed. The book was not only extremely elementary, but had some down-right bad advice.

    I will give a few examples of the very bad advice. The book recommends using the DomainTools Web site in chapter 6. However, readers should be advised that there is an intel leak with this site and if the security personnel is researching a domain or IP from a nation-state actor it could be very detrimental. Also, the author recommends submitting samples to VirusTotal. Any experienced Cyber Security Professional should know that submitting a possible nation-state sponsored piece of malware to this site could be very bad news. For example, if the malware is tailored to your company, then the threat actor will be able to see that you have found and are analyzing their malware (yes, many advanced and targeted threat actors check VirusTotal for submissions of their malware) – this could cause the threat actor to quickly spread out on your company’s network in order to maintain persistence, making containment and eradication exponentially worse.

    I could keep going on about problems I have with this book, but I will stop here. I do not recommend this book.

    Help other customers find the most helpful reviews 

    Was this review helpful to you? Yes
    No

  • Matthew Monte says:
    1 of 1 people found the following review helpful
    5.0 out of 5 stars
    Tie your defense together, October 9, 2015
    By 

    This review is from: Building an Intelligence-Led Security Program (Paperback)
    Mr. Liska makes the case that the process of security, how you think about and then fashion and execute an effective defense, is more important than the specific technologies deployed. His guiding principle is that the intelligence lifecycle, from data collection through analysis through dissemination, forms the backbone of evaluating and implementing any of a number of individual defensive tools.

    The book offers a wealth of specific tools and processes, and most importantly, how a business can phase in the implementation. For that reason alone, I would recommend it, as we all know many business approach security at the extremes: either not caring at all or just trying to throw money at the problem.

    Overall, while I may not necessarily agree with every tactic, this book does a great job of detailing the current state of the art and how those technologies could fit into an overall plan. It is useful to anyone looking to setup a coherent security process.

    Disclaimer: I am a colleague of Allan’s though we have never worked for the same company.

    Help other customers find the most helpful reviews 

    Was this review helpful to you? Yes
    No

Leave a Reply

Your email address will not be published. Required fields are marked *