IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Book Review: Cybersecurity Threats, Malware Trends and Strategies

If you are looking for a deep-dive strategy book that looks into a wide range of cybersecurity topics in an updated fashion, this book is for you.

binary code falling from a ceiling in columns, in red and white text on a black background
Shutterstock/Aliaksey Dabralinski
I am often asked to recommend cybersecurity books that cover various topics in compelling ways. There are many books that come out on a regular basis on issues ranging from ransomware to security governance and from end-user security to cloud computing to new books on generative AI.

But before I dive into a review of an excellent book that I just read, I want to urge my readers to take the time to read new — and updated — books on cybersecurity. This may seem obvious to some, but I know many people that just don’t read books much anymore (nor listen to audiobooks in the car).

And while authors of technology and security books also write blogs and articles in many circumstances, the depth of coverage on a topic is generally not available in even the best blogs. For example, I have written many articles and blogs on various aspects of ransomware over the years, while referencing current events. Nevertheless, my recent book, Cyber Mayday and the Day After, which I co-authored with Shamane Tan, goes into many more stories and specific details than is possible in an article or blog.


book cover1.png
When I was originally approached by Packt to review Cybersecurity Threats, Malware Trends and Strategies by Tim Rains, I was a bit reluctant since it was a second edition of an earlier book.

But I am very glad that I read this excellent book that covers a plethora of great cybersecurity information. I give this book a high four-star rating for its outstanding coverage of so many vital topics. I view this book as a good read and a great reference on all things cyber.

The author, Tim Rains, is a cybersecurity executive and adviser who is currently the vice president of Trust and Cyber Risk for T-Mobile. A few of the author’s previous roles include worldwide public-sector security and compliance leader at AWS, executive director of Cybersecurity Strategy at Las Vegas Sands Corp., and many senior security roles with Microsoft’s security teams. Bottom line: He is an expert with a wealth of experience.

Tim said this about what the book offers in takeaways: “This book is about cybersecurity strategy and how to inform strategy using credible threat intelligence and measuring performance in a pragmatic way. Some of the topics I dig into include:

  • How to identify credible threat intelligence versus all the hype
  • Ingredients that help develop a successful cybersecurity strategy
  • How to optimize vulnerability management programs using threat intelligence
  • Modern view of ransomware
  • How to mitigate governments as threat actors
  • How to measure the performance of a cybersecurity strategy
  • How to modernize cybersecurity strategies using the cloud”

The table of contents includes chapters on these broad topics, with many sub sections in each chapter:

  • Threat Intelligence
  • Using Vulnerability Trends to Reduce Risks and Costs
  • The Evolution of Malware
  • Internet-Based Threats
  • The Roles Government Play in Cybersecurity
  • Government Access to Data
  • Ingredients for a Successful Cybersecurity Strategy
  • Cybersecurity Strategies (covering areas from endpoint protection and physical control to compliance, applications and zero trust)
  • Strategy Implementation
  • Measuring Performance and Effectiveness
  • Modern Approaches to Security and Compliance
  • Index of Key Terms

Praise for the book from experts in the field comes from a variety of sources. Here are a few:

“The cyber threat landscape is more complex than ever. Most businesses have no idea how to deal with it.

“So I was pleasantly surprised by Mr. Rains’ book. Various areas of enterprise cybersecurity are well covered — threat intelligence, information security policy, the CISO role, analyzing threats with MITRE ATT@CK, incident response, security culture ... the whole gamut.” — Kim Crawley, cybersecurity researcher.

Cybersecurity Threats, Malware Trends, and Strategies, Second Edition is an essential resource. This book provides a comprehensive overview of current security issues and offers strategies for protecting from malicious attacks. It covers different types of cyber threats, practical advice on risk management processes, and guidance on developing incident response plans in case of any type of breach. This book is a must-read.” — Bryan Guinn, technology executive.

Cybersecurity Threats, Malware Trends, and Strategies is a comprehensive guide exploring the modern threats and challenges organizations face in the digital world. The book is a great overall resource and provides practical and effective strategies for mitigating cybersecurity risks and protecting assets from the latest cybersecurity threats. It also includes insights into the latest trends in malware and offers best practices for securing networks, endpoints, and cloud environments.” — Christophe Foulon, cybersecurity consultant.

FINAL THOUGHTS


In my opinion, Tim does an excellent job of answering tough questions on a long list of topics. His strategy advice is top-notch, and the book is full of updated materials on the latest trends. His expertise shines through, and his comments are always relevant and helpful.

I give him an excellent (four-star) review for this work. My only hesitation on giving it five stars is that I generally reserve those for books that break new ground with cybersecurity content that is available nowhere else.

I highly recommend this book. It is a great reference, and one that I will use for years to come.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.