Morey J. Haber is the Chief Security Officer at BeyondTrust. With more than 25 years of IT industry experience, he currently oversees BeyondTrust security and governance for corporate and cloud-based solutions. He is a published author, having ideated and co-authored all four books in the Attack Vector series. In addition, Morey frequently publishes in Forbes and SecureWorld, and regularly consults for global periodicals and media.
Morey regularly contributes to the growth of the IT security industry through his contributions to:
The Attack Vector series provides a detailed examination of common and emerging threat vectors that are increasingly being exploited by threat actors and used in attacks on organizations. The purpose of the series is to arm IT leaders with the insights and best practices they need to better manage cyber risk.
The series consists of 4 books:
Read on to learn more about each of the books in the Attack Vector series.
"No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity." --Morey J. Haber, Cloud Attack Vectors
Who this book is for:
This book is for new security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloud.
What you'll learn:
Authored by: Morey J. Haber and Chris Hills
"When identity theft and poor identity management are leveraged as an attack vector, risk and vulnerabilities increase exponentially." --Morey J. Haber, Identity Attack Vectors
Who This Book Is For:
Management and implementers in IT operations, security, and auditing looking to understand and implement an identity access management program and manage privileges in these environments.
What you'll learn:
Authored by: Morey J. Haber and D. Rolls
"Privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization." --Morey J. Haber, Privileged Attack Vectors
Who This Book Is For:
Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems.
What You'll Learn:
Authored by: Morey J. Haber
"In the modern enterprise, everything connected to the network is a target." --Morey J. Haber, Asset-Based Attack Vectors
Who this book is for
New and intermediate security management professionals, auditors, and information technology staff looking to build an effective vulnerability management program and defend against asset-based cyberattacks.
What you’ll learn:
Authored by: Morey J. Haber and B. Hibbert
An interview with the authors of Cloud Attack Vectors
The shift to the cloud in enterprise computing has contributed to an evolution of the cybersecurity landscape—one that has pushed it well beyond the boundaries of the traditional perimeter. Work from anywhere, shadow cloud IT, overextended VPNs and remote access—these new challenges are all contributing to a continuous and exponential increase of attack vectors that are adding to the threats organizations have been battling against for years. Read on for a conversation with the authors as we explore the thought process that went into the writing of the book.
The authors of Cloud Attack Vectors explain why accelerated adoption of the cloud is changing the path of least resistance for attackers, and how organizations need to adapt to the shifting threat landscape. Watch this roundtable discussion to learn:
• How & why today’s threat actors are targeting cloud environments
• Top 5 strategies for securing identities in the cloud
• How the CIEM market has evolved
• Some of the most frequently asked questions we’re hearing from organizations as they secure their cloud infrastructure
In this session cybersecurity experts and co-authors of Cloud Attack Vectors offer best practices for addressing cloud attack vectors. Learn cutting-edge strategies for building the optimal cloud defense for your organization’s unique cloud environment. Watch this webinar to learn:
An overview of Identity Attack Vectors
Almost every successful (that means the threat actors win) cyberattack today exploits identity as an attack vector. In particular, privileged access management (PAM)—a key component of identity and governance administration (IGA)—plays a critical role in the attack chain. While part of the identity security challenge is technological, another part is organizational. At many enterprises, identity management and security run as parallel and separate entities, each with their own teams, budgets, and priorities. Read this blog for key highlights from the book and an overview of what organizations need to do to ensure the most basic levels of security for corporate identities and assets.
In this webinar, two of the world’s foremost thought leaders on identity management (IAM) and privileged access management (PAM), and co-authors of the new book, Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution, Morey J. Haber and Darran Rolls, explain how to mature your identity program, the pitfalls to watch out for, and proactive methods to ensure long-term viability of your identity lifecycle. Watch this webinar to learn how you can successfully:
As remote agency workforces expand, there is little question that Privileged Identity Management will play an increasingly crucial role in mitigating cyber-attacks. Recent cyber breach news is a reminder that privileged credentials are highly targeted by threat actors. Watch this webinar to learn:
An interview with the Author of Privileged Attack Vectors
While privileged access posed a security threat for decades, it’s only in the last 5-7 years that the privileged attack surface has exploded and become the most dangerous IT security threat. Yet, a knowledge gap existed with regards to understanding the scope of privileged threats and how to programmatically address that prodigious risk. In the completely revised and expanded second edition of Privileged Attack Vectors reflects the significantly changing world of Privileged Access Management (PAM). Read on for a summary of what is covered in the latest edition of the book, followed by an insightful Q&A on the book, cybersecurity and PAM trends, and more with the author himself!
Today’s network environments are dynamic and perimeters are expanding, requiring multiple layers of defense to mitigate vulnerabilities and stop data breaches. In the modern enterprise, everything connected to the network and cloud is a target. In Privileged Attack Vectors, Morey Haber and Brad Hibbert explain how to build an effective vulnerability management strategy to protect an organization’s assets, applications, and data. Read this blog for an overview of the book and the key highlights that can help you build a vulnerability management program designed to work in the modern threat environment.
Request Morey Haber, Chris Hills, or a subject matter expert from BeyondTrust to speak at your next event. Contact us to receive more information.