Book Review: Cybersecurity – Attack and Defense Strategies

I am often asked to recommend a book that does a good (or great) job at covering the cybersecurity disciplines, problems and solutions from an academic perspective. Many people are looking for a comprehensive look at current technology basics, cutting-edge terminologies, new and old (but still working) approaches and more.

Going further, how does one systematically address cyberthreats, build a cybersecurity program, and maintain ongoing cyberdefenses?

I agreed to review Cybersecurity — Attack and Defense Strategies (Second Edition) because the book offered the promise of all of the above. This excellent book did not disappoint, and I highly recommend it for those looking for a comprehensive (610 pages) manual with a great index of terms at the end.  

Here’s what you will learn:

• The importance of having a solid foundation for your security posture
• Use the cybersecurity kill chain to understand the attacks strategy
• Boost your organization’s cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
• Utilize the latest defense tool, including Azure Sentinel and the Zero Trust Network strategy
• Identify different types of cyberattacks such as SQL injection, and social engineering threats such as phishing emails
• Perform an incident investigation using Azure Security Center and Azure Sentinel
• Get an in-depth understanding of the disaster recovery process
• Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
• Learn how to perform log analysis using the cloud to identify suspicious activities including logs from Amazon Web Services and Azure

The Authors

Yuri Diogenes is a professor at EC-Council University for their master's degree in cybersecurity and a senior program manager at Microsoft for Azure Security Center. Yuri has a master of science degree in cybersecurity from Utica College, and an MBA from FGV Brazil. He currently holds the following certifications: CISSP, CyberSec First Responder, CompTIA CSA+, E|CEH, E|CSA, E|CHFI, E|CND, CyberSec First Responder, CompTIA, Security+, CompTIA Cloud Essentials, Network+, Mobility+, CASP, CSA+, MCSE, MCTS, and Microsoft Specialist - Azure.

Dr. Erdal Ozkaya is a leading Cybersecurity Professional with business development, management, and academic skills who focuses on securing the Cyber Space and sharing his real-life skills as a Security Advisor, Speaker, Lecturer, and Author.

Erdal is known to be passionate about reaching communities, creating cyber awareness campaigns, and leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world.

He is an award-winning technical expert and speaker: His recent awards include: Cyber Security Professional of the Year MEA, Hall of Fame by CISO Magazine, Cybersecurity Influencer of the Year (2019), Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the Year by MEA Channel Magazine (2015), Professional of the Year Sydney (2014), and many speaker of the year awards in conferences.

He also holds Global Instructor of the Year awards from EC Council and Microsoft. Erdal is also a part-time lecturer at Charles Sturt University, Australia.

Erdal has co-authored many cybersecurity books as well as security certification courseware and exams for different vendors, and he has numerous certifications and degrees.

Here is a presentation given by Dr Ozkaya on cyberthreats:



General Topics Covered – Book Outline

1. Security Posture
2. Incident Response Process
3. What is a Cyber Strategy
4. Understanding the Cybersecurity Kill Chain
5. Reconnaissance
6. Compromising the System
7. Chasing a User's Identity
8. Lateral Movement
9. Privilege Escalation
10. Security Policy
11. Network Segmentation
12. Active Sensors
13. Threat Intelligence
14. Investigating an Incident
15. Recovery Process
16. Vulnerability Management
17. Log Analysis

Dan Lohrmann Review

If you are looking for a book offering comprehensive coverage of cybersecurity, "Cybersecurity – Attack and Defense Strategies" is an excellent choice. It covers both offensive and defensive cyber strategies in a wide manner. Each of the sections could probably be a book of their own if the authors decide to do a deeper dive. Nevertheless, the essential topics are covered to address the named topics listed above.

The book also covers differing perspectives for various professional roles from managers to executives to the front-line analysts who use cybertools. The authors clearly know the material well, and both have written several other technical books. This is not a book with numerous cyber "war stories" regarding front-line battles and intriguing security narratives. Other (less-technical) books offer better personal cyber career stories.  

Nevertheless, if you are a novice or an experience security professional, there is always more to learn. This book offers cyber coverage of topics that you may not address on a day-to-day basis, but need to cover occasionally. I really like the index of terms in the back for this purpose.

Overall, I give this book 5 stars for the comprehensive coverage of so much important cybersecurity material. I would not be surprised to see this as a cybersecurity text book at some universities.