Cybersecurity

A collection of links and resources for UAH students and faculty in the Cybersecurity program.

Business Liaison Librarian

Michael Manasco
Contact:
Room 125, behind the Reference Desk
256-824-6965

Business Liaison Librarian

Laura Slavin
she/her/hers
Contact:
M. Louis Salmon Library
Office #338
256-824-5570

Welcome!

Welcome to the library resources page for Cybersecurity!

The databases, journals, books, websites, and other resources listed on this page have been selected to be of use for UAH students, faculty, and researchers in the program in Cybersecurity. (For more information about Cybersecurity at UAH, see the page for the Center for Cybersecurity Research and Education / CCRE.)

Please contact us if you need any assistance with library research. (The left-hand column has the contact information for the librarians for Business, Engineering, and Science.)

Cyber Security expert touching a screen with icons

Credit: "Cyber Security" by Cyber Security, June 20, 2022, licenced under CC BY-ND 2.0.

Research Help Desk | 256.824.6529

Monday - Friday   9:00am - 5:00pm
Saturday CLOSED  
Sunday CLOSED  

 

  • The best way to reach us outside of those hours is at refdesk@uah.edu
  • For in-depth help, request a 1-on-1 Research Consultation to speak with a librarian on a preferred day and time (generally in the same Mon-Fri 9am-5pm range, though exceptions might be possible). We have a variety of tools (including Zoom and Google Hangouts) for "face to face" video conferencing.

New Books and E-books

Blockchain Essentials Core Concepts and Implementations [electronic resource]

This book will teach you the core concepts of blockchain technology in a concise manner through straightforward, concrete examples using a range of programming languages, including Python and Solidity. The 50 programs presented in this book are all you need to gain a firm understanding of blockchain and how to implement it. The book begins with an introduction to the fundamentals of blockchain technology, followed by a review of its types, framework, applications and challenges. Moving ahead, you will learn basic blockchain programming with hash functions, authentication code, and Merkle trees. You will then dive into the basics of bitcoin, including wallets, digital keys, transactions, digital signatures, and more. This is followed by a crash course on Ethereum programming, its network, and ecosystem. As you progress through the book, you will also learn about Hyperledger and put your newly-gained knowledge to work through case studies and example applications. After reading this book, you will understand blockchain's underlying concepts and its common implementations.

What You Will Learn:

  • Master theoretical and practical implementations of various blockchain components using Python
  • Implement hashing, Merkle trees, and smart contracts using the Solidity programming language for various applications
  • Grasp the internal structure of EVM and its implementation in smart contracts
  • Understand why blockchain plays an essential role in cryptocurrencies and identify possible applications beyond cryptocurrencies
  • Investigate and apply alternative blockchain solutions using Hyperledger, including its integration and deployment
  • Explore research opportunities through case studies and gain an overview of implementation using various languages

Who Is This Book For: Anyone who is new to blockchain and wants to gain an understanding of how it works and can be implemented.

The Boundaries of Data [electronic resource]

The legal domain distinguishes between different types of data and attaches a different level of protection to each of them. Thus, non-personal data are left largely unregulated, while privacy and data protection rules apply to personal data or personal information. There are stricter rules for processing sensitive personal data than for 'ordinary' personal data, and metadata or communications data are regulated differently than content communications data. Technological developments challenge these legal categorisations on at least three fronts: First, the lines between the categories are becoming harder to draw and more fluid. Second, working with various categories of data works well when the category a datum or dataset falls into is relatively stable. However, this is less and less so. Third, scholars increasingly question the rationale behind the various legal categorisations. This book assesses to what extent either of these strategies is feasible and to what extent alternative approaches could be developed by combining insights from three fields: technology, practice and law.

Dark Data

A practical guide to making good decisions in a world of missing data In the era of big data, it is easy to imagine that we have all the information we need to make good decisions. But in fact the data we have are never complete, and may be only the tip of the iceberg. Just as much of the universe is composed of dark matter, invisible to us but nonetheless present, the universe of information is full of dark data that we overlook at our peril. In Dark Data, data expert David Hand takes us on a fascinating and enlightening journey into the world of the data we don't see. Dark Data explores the many ways in which we can be blind to missing data and how that can lead us to conclusions and actions that are mistaken, dangerous, or even disastrous. Examining a wealth of real-life examples, from the Challenger shuttle explosion to complex financial frauds, Hand gives us a practical taxonomy of the types of dark data that exist and the situations in which they can arise, so that we can learn to recognize and control for them. In doing so, he teaches us not only to be alert to the problems presented by the things we don't know, but also shows how dark data can be used to our advantage, leading to greater understanding and better decisions. Today, we all make decisions using data. Dark Data shows us all how to reduce the risk of making bad ones.

Data sharing and collaboration with Delta Sharing [electronic resource]

Enterprises need a better way to share data and AI that's flexible and secure and that unlocks business value. Data sharing—whether within your organization or externally—allows companies to collaborate with partners, establish new partnerships, and generate new revenue streams with data monetization. With this guide, data practitioners will better understand the data sharing landscape and learn how to build a secure data sharing and collaboration strategy using Delta Sharing—the first open source approach to data sharing across data, analytics, and AI. Author Ron L'Esteve helps data practitioners discover and monetize the broadest set of data assets—including datasets, notebooks, AI models, applications, and dashboards—with the widest array of data providers and consumers in an open marketplace.

Data Stewardship in Action : A Roadmap to Data Value Realization and Measurable Business Outcomes [electronic resource]

Take your organization's data maturity to the next level by operationalizing data governance.

Key Features:

  • Develop the mindset and skills essential for successful data stewardship
  • Apply practical advice and industry best practices, spanning data governance, quality management, and compliance, to enhance data stewardship
  • Follow a step-by-step program to develop a data operating model and implement data stewardship effectively
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description: In the competitive data-centric world, mastering data stewardship is not just a requirement--it's the key to organizational success. Unlock strategic excellence with Data Stewardship in Action, your guide to exploring the intricacies of data stewardship and its implementation for maximum efficiency. From business strategy to data strategy, and then to data stewardship, this book shows you how to strategically deploy your workforce, processes, and technology for efficient data processing. You'll gain mastery over the fundamentals of data stewardship, from understanding the different roles and responsibilities to implementing best practices for data governance. You'll elevate your data management skills by exploring the technologies and tools for effective data handling. As you progress through the chapters, you'll realize that this book not only helps you develop the foundational skills to become a successful data steward but also introduces innovative approaches, including leveraging AI and GPT, for enhanced data stewardship. By the end of this book, you'll be able to build a robust data governance framework by developing policies and procedures, establishing a dedicated data governance team, and creating a data governance roadmap that ensures your organization thrives in the dynamic landscape of data management.

What you will learn:

  • Enhance your job prospects by understanding the data stewardship field, roles, and responsibilities
  • Discover how to develop a data strategy and translate it into a functional data operating model
  • Develop an effective and efficient data stewardship program
  • Gain practical experience of establishing a data stewardship initiative
  • Implement purposeful governance with measurable ROI
  • Prioritize data use cases with the value and effort matrix

Who this book is for: This book is for professionals working in the field of data management, including business analysts, data scientists, and data engineers looking to gain a deeper understanding of the data steward role. Senior executives who want to (re)establish the data governance body in their organizations will find this resource invaluable. While accessible to both beginners and professionals, basic knowledge of data management concepts, such as data modeling, data warehousing, and data quality, is a must to get started.

Emerging Technologies for Business Professionals: a nontechnical guide to the governance and management of disruptive technologies [electronic resource]

Embrace emerging technology in your own organization with jargon-free and practical guidance In Emerging Technologies for Business Professionals: A Nontechnical Guide to the Governance and Management of Disruptive Technologies, a team of accomplished accounting systems experts and educators delivers a straightforward and jargon-free management and governance blueprint of emerging technologies ideal for business professionals. In this book you will learn how to use cutting-edge technologies, including AI, analytics, robotic process automation, blockchain, and more to maintain competitive advantage while managing risks. The authors provide real-world examples and case studies of each of the discussed technologies, allowing readers to place the technical details in the context of identifiable business environments. Each chapter offers simple and useful insights in new technology that can be immediately applied by business professionals. Readers will also find: Discussions of a host of new computing technologies, including edge, cloud, and quantum computing Exploration of how the disruptive technologies such as metaverse and non-fungible tokens will impact business operations Easy-to-understand explanations of the latest, most relevant technologies with applications in accounting, marketing, and operations An essential resource for Certified Public Accountants, CPA candidates, and students of accounting and business, Emerging Technologies for Business Professionals will also earn a place in the libraries of anyone interested in adopting emerging technologies in their own organizations.

Enterprise Cyber Risk Management As a Value Creator : Leverage Cybersecurity for Competitive Advantage [electronic resource]

This book will help you learn the importance of organizations treating enterprise cyber risk management (ECRM) as a value creator, a business enabler, and a mechanism to create a competitive advantage. Organizations began to see the real value of information and information technology in the mid-1980s. Forty years later, it's time to leverage your ECRM program and cybersecurity strategy in the same way. The main topics covered include the case for action with specific coverage on the topic of cybersecurity as a value creator, including how the courts, legislators, and regulators are raising the bar for C-suite executives and board members. The book covers how the board's three primary responsibilities (talent management, strategy, and risk management) intersect with their ECRM responsibilities. ECRM was once solely focused on managing the downside of risk by defending the organization from adversarial, accidental, structural, and environmental threat sources. Author Bob Chaput presents the view that we must focus equally on managing the upside of cyber strengths to increase customer trust and brand loyalty, improving social responsibility, driving revenue growth, lowering the cost of capital, attracting higher quality investments, creating competitive advantage, attracting and retaining talent, and facilitating M&A work. He focuses on the C-suite and board role in the first part and provides guidance on their roles and responsibilities, the most important decision about ECRM they must facilitate, and how to think differently about ECRM funding. You will learn how to pivot from cost-center thinking to value-center thinking. Having built the case for action, in the second part, the book details the steps that organizations must take to develop and document their ECRM program and cybersecurity strategy. The book first covers how ECRM must be integrated into business strategy. The remainder of that part presents a sample table of contents for an ECRM Program and Cybersecurity Strategy document and works through each section to facilitate development of your own program and strategy. With all the content and ideas presented, you will be able to establish, implement, and mature your program and strategy.

What You Will Learn:

  • Read new information and treat ECRM and cybersecurity as a value creator
  • Receive updates on legal cases, legislative actions, and regulations that are raising the stakes for organizations, their C-suites, and boards
  • Think differently about funding ECRM and cybersecurity initiatives
  • Understand the most critical ECRM decision that boards must facilitate in their organizations
  • Use practical, tangible, actionable content to develop and document your ECRM program and cybersecurity strategy

"This book should be mandatory reading for C-suite executives and board members. It shows you how to move from viewing cybersecurity as a risk to avoid, and a cost center that does not add value and is overhead, to seeing cybersecurity as an enabler and part of your core strategy to transform your business and earn customer and stakeholder trust." --Paul Connelly, First CISO at the White House and HCA Healthcare

Who This Book Is For: The primary audience includes Chief Information Security Officers, Chief Risk Officers, and Chief Compliance Officers. The secondary audience includes C-suite executives and board members. The tertiary audience includes any stakeholder responsible for privacy, security, compliance, and cyber risk management or students of these topics.

Europrivacy : the first European data protection seal [electronic resource]

On 12 October 2022, the EDPB (European Data Protection Board) endorsed the Europrivacy™/® certification scheme. This is the first certification mechanism, or data protection seal, that entities can achieve to demonstrate their compliance with the GDPR (General Data Protection Regulation) and other national data privacy obligations. This guide introduces the following key elements of Europrivacy: Preparing for certification. The certification criteria. The GDPR core criteria. Complementary contextual checks and controls. Technical and organisational checks and controls. National requirements. The certification process. There are considerable advantages for entities that certify some, or all, of their personal data processing activities to Europrivacy: Demonstrate to customers, clients, employees, suppliers and other stakeholders that protection of personal data being processed is of utmost importance. Reduce the financial and legal risks of non-compliance with the requirements of the GDPR. Non-compliance could lead to fines of up to £17.5 million (€20 million) or 4% of total worldwide turnover, whichever is greater. Get peace of mind that Europrivacy checks and controls are continually updated to take into account any regulatory or legislative changes, advice and guidance from the EDPB, and changes to national and domain-specific obligations. Buy this guide today to begin your Europrivacy compliance journey!

The Fight for Privacy: protecting dignity, identity, and love in the digital age

Privacy is disappearing. From our sex lives to our workout routines, the details of our lives once relegated to pen and paper have joined the slipstream of new technology. As a MacArthur fellow and distinguished professor of law at the University of Virginia, acclaimed civil rights advocate Danielle Citron has spent decades working with lawmakers and stakeholders across the globe to protect what she calls intimate privacy--encompassing our bodies, health, gender, and relationships. When intimate privacy becomes data, corporations know exactly when to flash that ad for a new drug or pregnancy test. Social and political forces know how to manipulate what you think and who you trust, leveraging sensitive secrets and deepfake videos to ruin or silence opponents. And as new technologies invite new violations, people have power over one another like never before, from revenge porn to blackmail, attaching life-altering risks to growing up, dating online, or falling in love. A masterful new look at privacy in the twenty-first century, The Fight for Privacy takes the focus off Silicon Valley moguls to investigate the price we pay as technology migrates deeper into every aspect of our lives: entering our bedrooms and our bathrooms and our midnight texts; our relationships with friends, family, lovers, and kids; and even our relationship with ourselves. Drawing on in-depth interviews with victims, activists, and advocates, Citron brings this headline issue home for readers by weaving together visceral stories about the countless ways that corporate and individual violators exploit privacy loopholes. Exploring why the law has struggled to keep up, she reveals how our current system leaves victims--particularly women, LGBTQ+ people, and marginalized groups--shamed and powerless while perpetrators profit, warping cultural norms around the world. Yet there is a solution to our toxic relationship with technology and privacy: fighting for intimate privacy as a civil right. 
Collectively, Citron argues, citizens, lawmakers, and corporations have the power to create a new reality where privacy is valued and people are protected as they embrace what technology offers. Introducing readers to the trailblazing work of advocates today, Citron urges readers to join the fight. Your intimate life shouldn't be traded for profit or wielded against you for power: it belongs to you. With Citron as our guide, we can take back control of our data and build a better future for the next, ever more digital, generation.

Global digital data governance : polycentric perspectives [electronic resource]

This book addresses global digital data governance from polycentric perspectives. Theories of (global) digital data governance remain little consolidated, with monodisciplinary accounts and different approaches focusing on actors, processes and norms. To meet these limitations, this volume harnesses an interdisciplinary and transscalar approach to understanding digital data governance. Polycentrism, this book argues, provides a set of lenses that tie together the variety of actors, issues, and processes intertwined in digital data governance at subnational, national, regional, and global levels. Two major insights result. First, substantively, polycentrism reveals many power centers and connections in digital data governance. Second, polycentric perspectives bridge disciplinary divides in the analysis of digital data governance that hold varying assumptions of what governance involves. Polycentric perspectives help draw together a growing range of insights from different disciplines about the complexities of digital data governance: how it occurs, how it might occur differently, and how it should occur. Written by an international and interdisciplinary team, this book will be of interest to students and scholars in the field of Development Studies, Political Science, International Relations, Global Studies, Science and Technology Studies, Sociology, and Media and Communication Studies

The Hank Show : how a house-painting, drug-running DEA informant built the machine that rules our lives

The bizarre and captivating story of the most important person you've never heard of. The world we live in today, where everything is tracked by corporations and governments, originates with one manic, elusive, utterly unique man--as prone to bullying as he was to fits of surpassing generosity and surprising genius. His name was Hank Asher, and his life was a strange and spectacular show that changed the course of the future. In The Hank Show, critically acclaimed author and journalist McKenzie Funk relates Asher's stranger-than-fiction story--he careened from drug-running pilot to alleged CIA asset, only to be reborn as the pioneering computer programmer known as the father of data fusion. He was the multimillionaire whose creations now power a new reality where your every move is tracked by police departments, intelligence agencies, political parties, and financial firms alike. But his success was not without setbacks. He truly lived nine lives, on top of the world one minute, only to be forced out of the companies he founded and blamed for data breaches resulting in major lawsuits and market chaos. In the vein of the blockbuster movie Catch Me if You Can, this spellbinding work of narrative nonfiction propels you forward on a forty year journey of intrigue and innovation, from Colombia to the White House and from Silicon Valley to the 2016 Trump campaign, focusing a lens on the dark side of American business and its impact on the everyday fabric of our modern lives.

The Hardware Hacking Handbook: breaking embedded security with hardware attacks

The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware. Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they're everywhere-in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks. Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you'll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you'll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony's PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab - like a multimeter and an oscilloscope - with options for every type of budget. 
You'll learn:

  • How to model security threats, using attacker profiles, assets, objectives, and countermeasures
  • Electrical basics that will help you understand communication interfaces, signaling, and measurement
  • How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips
  • How to use timing and power analysis attacks to extract passwords and cryptographic keys
  • Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization

Whether you're an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource - one you'll always want to have on hand.

Managing Data Integrity for Finance : Discover Practical Data Quality Management Strategies for Finance Analysts and Data Professionals [electronic resource]

Level up your career by learning best practices for managing the data quality and integrity of your financial data.

Key Features:

  • Accelerate data integrity management using artificial intelligence-powered solutions
  • Learn how business intelligence tools, ledger databases, and database locks solve data integrity issues
  • Find out how to detect fraudulent transactions affecting financial report integrity

Book Description: Data integrity management plays a critical role in the success and effectiveness of organizations trying to use financial and operational data to make business decisions. Unfortunately, there is a big gap between the analysis and management of finance data along with the proper implementation of complex data systems across various organizations. The first part of this book covers the important concepts for data quality and data integrity relevant to finance, data, and tech professionals. The second part then focuses on having you use several data tools and platforms to manage and resolve data integrity issues on financial data. The last part of the book covers intermediate and advanced solutions, including managed cloud-based ledger databases, database locks, and artificial intelligence, to manage the integrity of financial data in systems and databases. After finishing this hands-on book, you will be able to solve various data integrity issues experienced by organizations globally.

What you will learn:

  • Develop a customized financial data quality scorecard
  • Utilize business intelligence tools to detect, manage, and resolve data integrity issues
  • Find out how to use managed cloud-based ledger databases for financial data integrity
  • Apply database locking techniques to prevent transaction integrity issues involving finance data
  • Discover the methods to detect fraudulent transactions affecting financial report integrity
  • Use artificial intelligence-powered solutions to resolve various data integrity issues and challenges

Who this book is for: This book is for financial analysts, technical leaders, and data professionals interested in learning practical strategies for managing data integrity and data quality using relevant frameworks and tools. A basic understanding of finance concepts, accounting, and data analysis is expected. Knowledge of finance management is not a prerequisite, but it'll help you grasp the more advanced topics covered in this book.

Our Data, Ourselves : a personal guide to digital privacy

A practical, user-friendly handbook for understanding and protecting our personal data and digital privacy.   Our Data, Ourselves addresses a common and crucial question: What can we as private individuals do to protect our personal information in a digital world? In this practical handbook, legal expert Jacqueline D. Lipton guides readers through important issues involving technology, data collection, and digital privacy as they apply to our daily lives. Our Data, Ourselves covers a broad range of everyday privacy concerns with easily digestible, accessible overviews and real-world examples. Lipton explores the ways we can protect our personal data and monitor its use by corporations, the government, and others. She also explains our rights regarding sensitive personal data like health insurance records and credit scores, as well as what information retailers can legally gather, and how. Who actually owns our personal information? Can an employer legally access personal emails? What privacy rights do we have on social media? Answering these questions and more, Our Data, Ourselves provides a strategic approach to assuming control over, and ultimately protecting, our personal information.

Privacy and Security Challenges in Cloud Computing: A Holistic Approach.

This reference text discusses various security techniques and challenges for cloud data protection from both software and hardware aspects. The text provides readers with an overview of cloud computing, beginning with historical perspectives on mainframe computers and early networking protocols, moving to current issues such as security of hardware and networks, performance, evolving IoT areas, edge computing, etc. It also deals with threat detection and incident response in cloud security. It covers important topics including operational security agitations in cloud computing, cyber artificial intelligence (AI) platform for cloud security, and security concerns of virtualization in cloud computing. The book will serve as a useful resource for graduate students and professionals in the fields of electrical engineering, electronics engineering, computer science, and information technology.

Securing the Private Sector : protecting US industry in pursuit of national security

"[An] erudite approach to a set of controversial questions." --Barry Eichengreen, Foreign Affairs "Does an excellent job of showing how the government has attempted to negotiate the problem of regulating and protecting the private sector.... Highly recommended." --Choice "A well-researched, succinct, accessible, and insightful look into the various problems facing government and industry in enhancing cooperation to strengthen national security and homeland security." --Nadav Morag, International Journal of Intelligence and Counterintelligence "Authoritative and comprehensive.... Tromblay shows the important ways in which public sector security agencies and private sector firms interact to address major security challenges." --Brian Nussbaum, College of Emergency Preparedness, Homeland Security, and Cybersecurity, University at Albany As a provider of vital infrastructure and technology, the private sector has become an essential contributor to US national security--and the target of hackers and terrorists. Darren Tromblay traces the evolution of an often fraught public-private partnership to explore how the complex web of intelligence agencies has struggled to protect critical economic and industrial interests. CONTENTS: Private Industry and National Security. Regulating the Transfer of Technology and Knowledge. Disrupting the Theft of Assets. Countering Proliferation and Terrorism. Securing the Cyber Realm. Addressing Global Necessities and Domestic Shortcomings. Reassessing the Public-Private National Security Relationship. Appendix: Key US Government Entities Engaged in Securing the Private Sector.

Social engineering : how crowdmasters, phreaks, hackers, and trolls created a new form of manipulative communication

Manipulative communication-from early twentieth-century propaganda to today's online con artistry-examined through the lens of social engineering. The United States is awash in manipulated information about everything from election results to the effectiveness of medical treatments. Corporate social media is an especially good channel for manipulative communication, with Facebook a particularly willing vehicle for it. In Social Engineering, Robert Gehl and Sean Lawson show that online misinformation has its roots in earlier techniques- mass social engineering of the early twentieth century and interpersonal hacker social engineering of the 1970s, converging today into what they call "masspersonal social engineering." As Gehl and Lawson trace contemporary manipulative communication back to earlier forms of social engineering, possibilities for amelioration become clearer. The authors show how specific manipulative communication practices are a mixture of information gathering, deception, and truth-indifferent statements, all with the instrumental goal of getting people to take actions the social engineer wants them to. Yet the term "fake news," they claim, reduces everything to a true/false binary that fails to encompass the complexity of manipulative communication or to map onto many of its practices. They pay special attention to concepts and terms used by hacker social engineers, including the hacker concept of "bullshitting," which the authors describe as a truth-indifferent mix of deception, accuracy, and sociability. They conclude with recommendations for how society can undermine masspersonal social engineering and move toward healthier democratic deliberation.

Zero Trust and Third-Party Risk: reduce the blast radius [electronic resource]

Dramatically lower the cyber risk posed by third-party software and vendors in your organization In Zero Trust and Third-Party Risk, veteran cybersecurity leader Gregory Rasner delivers an accessible and authoritative walkthrough of the fundamentals and finer points of the zero trust philosophy and its application to the mitigation of third-party cyber risk. In this book, you'll explore how to build a zero trust program and nurture it to maturity. You will also learn how and why zero trust is so effective in reducing third-party cybersecurity risk. The author uses the story of a fictional organization--KC Enterprises--to illustrate the real-world application of zero trust principles. He takes you through a full zero trust implementation cycle, from initial breach to cybersecurity program maintenance and upkeep. You'll also find: Explanations of the processes, controls, and programs that make up the zero trust doctrine Descriptions of the five pillars of implementing zero trust with third-party vendors Numerous examples, use-cases, and stories that highlight the real-world utility of zero trust An essential resource for board members, executives, managers, and other business leaders, Zero Trust and Third-Party Risk will also earn a place on the bookshelves of technical and cybersecurity practitioners, as well as compliance professionals seeking effective strategies to dramatically lower cyber risk.