Cybersecurity for Executives
Table of Contents
I’m writing a modern book on cybersecurity for executives ~ one blog post at a time. Why? I want to help organizations prevent data breaches. I faced my own data breach while running a software consulting business. I had to figure out how to stop it myself and I didn’t know much about security at that time or where to get help. After that event I wanted to understand how this happened and how to sop it from happening again. I went on to get a masters in information security and one of the top cybersecurity certifications in the industry — the GSE. I’ve done years of security research and now run a cybersecurity and cloud security consulting and training company. With this book, I hope to help others understand the basics of cybersecurity and what really matters from an executive point of view. Here are the articles I’ve written so far. To support my efforts, join medium, clap for the articles, follow me, and refer them to others. Thanks!
Why executives need to care more about cybersecurity Cost-Benefit Analysis | $350 Million Dollars | Time Factor| Personal impact | Board member liability| Cyberwar
Cybersecurity strategy for executives: The big picture Basics | Questions | Reports | Automation | Objectives | Culture
20 cybersecurity questions for executives to ask security teams Asking the right questions | 20 questions to add to your cybersecurity risk reporting
CVEs: Security bugs that bite What is a CVE | How are new CVEs discovered | Responsible disclosure | What motivates security researchers | Malicious motivations | Zero-day malware
How network traffic got me into cybersecurity Radical Software | Spam | A strange security incident | Australia | A WAF before WAFs existed | Being paid to go away by a large hosting company | Networking Gives You Clues
Exponential increases in cyber risk from Internet exposure Network Security in the Cloud Age | How A Breach Works | The New Perimeter | Scan, Attack, and Infected Traffic | Ports, Protocols and the Exponential Problem
High-risk ports: The chink in your network armor What is administrative access? | Remote Administrative Access | Backdoors | Common Administrative Services and Ports | Other high-risk ports | A risk-based approach to locking down your network | Locking down cloud administration
Data Exposure: Protect your gold Where is your data? | Why the S3 bucket problem?| The underlying cause of database exposure| End-user storage | System Integration | Third-party web connections | Trusted vendors
Trust is overrated: Don’t be fooled by threats on your internal network Pivoting | Target breach | WannaCry | The dark web | American Greed | People | Network design | Zero Trust
To be continued…
Teri Radichel — Follow me: @teriradichel on Medium and Twitter
When people join Medium and clap for the articles it helps me keep writing.
Upcoming events where you can hear Teri Radichel speak about cloud security:
IANS Charlotte Information Security Forum (September 25–26)
IANS Houston Information Security Forum (September 11)
…and of course she’s usually at the Seattle AWS Architects and Engineers Meetup sponsored by 2nd Sight Lab!
Past Cloud Security Presentations (Videos)