This comprehensive introduction to the information security field covers the industry's essential concepts, using real-world security breaches to illustrate key lessons.
This comprehensive introduction to the information security field covers the industry's essential concepts, using real-world security breaches to illustrate key lessons.
""An excellent starting point for future security professionals."" -Help Net Security
Cybersecurity is a huge field, and breaking in can feel overwhelming. Where do you start when the territory spans everything from cryptography to cloud security to social engineering?
In Foundations of Cybersecurity, you'll learn how security professionals actually think about protecting systems. You'll start with core principles like authentication, authorization, and access control, then build outward into network defense, operating system hardening, application security, and security operations.
Each chapter introduces concepts in context, showing how they connect to real decisions you'll face on the job.
This updated second edition covers-
How attackers think- the threat landscape, social engineering tactics, and the kill chain How defenders respond- SOC operations, incident response, and vulnerability assessment The business side- governance, risk management, compliance frameworks, and penetration testing Securing what's new- AI systems, IoT devices, and cloud-native architectures Building your career- paths into security, certifications that matter, and the soft skills that separate good analysts from great ones
Hands-on projects throughout will have you apply what you've learned, from classifying real threat actors to designing detection rules to building a security awareness program.
Whether you're coming from IT or a completely different field, this book gives you the conceptual foundation to understand what cybersecurity professionals do, why they do it, and how to become one.
By:
Jason Andress
Imprint: No Starch Press,US
Country of Publication: United States
Dimensions:
Height: 234mm,
Width: 177mm,
Weight: 369g
ISBN: 9781718504400
ISBN 10: 1718504403
Pages: 328
Publication Date: 19 May 2026
Audience:
Professional and scholarly
,
Undergraduate
Format: Paperback
Publisher's Status: Active
Acknowledgments Introduction PART I: CORE PRINCIPLES Chapter 1: What Is Cybersecurity? Chapter 2: The Threat Landscape Chapter 3: Identification and Authentication Chapter 4: Authorization and Access Controls Chapter 5: Auditing and Accountability Chapter 6: Cryptography PART II: ARCHITECTURE, INFRASTRUCTURE, AND SYSTEM SECURITY Chapter 7: Security Architecture Chapter 8: Network Security Chapter 9: Operating System Security Chapter 10: Mobile, Embedded, and Internet of Things Security Chapter 11: Application Security Chapter 12: AI Security PART III: SECURITY OPERATIONS AND MANAGEMENT Chapter 13: SecOps, the SOC, and Incident Response Chapter 14: Governance, Risk, and Compliance Chapter 15: Vulnerability Assessments and Penetration Testing PART IV: HUMAN FACTORS AND PROFESSIONAL DEVELOPMENT Chapter 16: Social Engineering Chapter 17: Security Awareness Chapter 18: So You Want to Be a Security Professional Notes Index
Dr. Jason Andress is a cybersecurity professional and researcher with over 20 years of experience across financial services, retail, and technology. His career spans penetration testing, forensic analysis, security architecture, vulnerability research, and threat intelligence, including senior roles at Oracle, Nordstrom, and HP.
