12 PART THREE: Maturation
   CHAPTER NINE: Compliance
      MASTER SERVICE AGREEMENTS, TERMS AND CONDITIONS, OH MY PATCH AND VULNERABILITY MANAGEMENT ANTIVIRUS AUDITING INCIDENT RESPONSE POLICIES AND CONTROLS CHANGE MANAGEMENT ENCRYPTION DATA LOSS PREVENTION DATA PROCESSING AGREEMENT SUMMARY ACTION PLAN NOTE
   CHAPTER TEN: Industry and Government Standards and Regulations
      OPEN SOURCE UNITED STATES PUBLIC RETAIL ENERGY, OIL, AND GAS HEALTH FINANCIAL EDUCATION INTERNATIONAL UNITED STATES FEDERAL AND STATE GOVERNMENT SUMMARY ACTION PLAN NOTES
   CHAPTER ELEVEN: Communicating Your Cybersecurity Posture and Maturity to Customers
      CERTIFICATIONS AND AUDITS QUESTIONNAIRES SHARING DATA WITH YOUR CUSTOMER CASE STUDY SUMMARY ACTION PLAN NOTES
   CHAPTER TWELVE: When the Breach Happens
      CYBER INSURANCE INCIDENT RESPONSE RETAINERS THE INCIDENT TABLETOP EXERCISES SUMMARY ACTION PLAN NOTE
   CHAPTER THIRTEEN: Secure Development
      FRAMEWORKS MICROSOFT SDL PRE-COMMIT INTEGRATED DEVELOPMENT ENVIRONMENT COMMIT BUILD PENETRATION TESTING SUMMARY ACTION PLAN NOTES
   CHAPTER FOURTEEN: Third-Party Risk
      TERMS AND CONDITIONS SHOULD I REVIEW THIS VENDOR? WHAT TO ASK AND LOOK FOR SUMMARY ACTION PLAN NOTE
   CHAPTER FIFTEEN: Bringing It All Together
13 Glossary
14 Index
List of Illustrations
1 Introduction
   FIGURE I.1 Startup Development Phases – From Idea to Business and Talent to Organization
2 Chapter 1
   FIGURE 1.1 Yubikey Product Line
   FIGURE 1.2 Google Titan Security Keys
3 Chapter 3
   FIGURE 3.1 Example of a Push-Based MFA
4 Chapter 4
   FIGURE 4.1 Diagram Showing the Progression of Endpoint Security
   FIGURE 4.2 Magic Quadrant for Endpoint Protection Platforms
   FIGURE 4.3 Gartner Scope of MDR Services
5 Chapter 5
   FIGURE 5.1 Magic Quadrant for the Wired and Wireless LAN Access Infrastructu...
   FIGURE 5.2 Comparison of SDP, VPN, and Zero-Trust Networks
6 Chapter 6
   FIGURE