Eric C. Thompson is an accomplished governance, risk, and compliance professional. In his GRC role as Director of Compliance at Blue Health Intelligence (BHI), he leads efforts to increase cybersecurity maturity in several domains, including governance, policy and controls, risk management, cybersecurity strategy, and business alignment. Eric established the risk management function which includes assessment, analysis and treatments of risk, threat and vulnerability management strategy, and due diligence requirements for assessing third-party risk. Eric also assesses cybersecurity technology capabilities and recommends enhancements to current solutions and new implementations that meet risk reduction requirements.
Eric is also a proud member of the SANS Mentor team.
Chapter 1. What is Security Operations and Why is it Important?
Key components of security operations centers
How Security Operations differs from large organizations to medium and small size ones
How to begin the process
Setting the security operations strategy
Maturing security operations through policy, process, measurement and documentation
Chapter 2: Security Operations and HIPAA
How can security operations aid HIPAA compliance?
Mapping HIPAA safeguards to security operations processes
Chapter 3: Threat Intelligence
Types
Feeds
Components and requirements
Understanding what it is
How to consume it
How to generate it
Need and value
Chapter 4: Vulnerabilities
Identification - technical and non-technical
Assessing severity - key components
ExploitDB and other sites
Remediation - need/challenges and solutions
Compensating controls (legacy systems)
Chapter 5: Monitoring - from the perimeter to the endpoint
Firewalls
IDS Solutions - commercial, Snort, Suricata, Bro
Wireshark, tcpdump, TShark
Log aggregation and correlation - SIEM
Splunk
ELK
Necessary Log Sources
Traffic Flow
Commercial tools
SiLK and other open source tools
Data flow and movement
Host-based tools
Malicious software
Intrusion detection
Firewall
Detection and Response
Chapter 6: Incident Response
Planning
Detecting
Containing
Responding
Post-mortem forensics and root cause
Chapter 7: Conclusion and Wrap-Up
Chapter 1: Security Operations: The Why and the Roadmap
Chapter 2: HIPAA Security Rule and Cybersecurity Operations
Chapter 3: Threat Intelligence
Chapter 4: Vulnerability Management
Chapter 5: Continuous Monitoring
Chapter 6: Incident Response
Chapter 7: Threat Hunting
Chapter 8: Where to Go from Here
Eric C. Thompson is the author of two previous Apress books: Building a HIPAA Compliant Cybersecurity Program and Cybersecurity Incident Response. He is certified by GIAC in intrusion analysis, incident handling, network forensics, and detection. He is currently Director of Information Security and IT Compliance at Blue Health Intelligence, a company focused on data analytics in the healthcare payer space. He has implemented and matured all elements of security operations. He is a passionate user of many open-source solutions and loves working with new implementations of Snort, Zeek, and SOF-ELK. He also has significant experience assessing and managing cyber risks and complying with HIPAA.