Morey J. Haber is the Chief Security Advisor at BeyondTrust. As the Chief Security Advisor, Morey is the lead identity and technical evangelist at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Identity Attack Vectors, Privileged Attack Vectors, Asset Attack Vectors, and Cloud Attack Vectors. Morey has previously served as BeyondTrust’s Chief Security Officer, Chief Technology Officer, and Vice President of Product Management during his nearly 12-year tenure with the company.
Morey regularly contributes to the growth of the IT security industry through his contributions to:
The Attack Vector series provides a detailed examination of common and emerging threat vectors that are increasingly being exploited by threat actors and used in attacks on organizations. The purpose of the series is to arm IT leaders with the insights and best practices they need to better manage cyber risk.
The series consists of 4 books:
Read on to learn more about each of the books in the Attack Vector series.
"It is easier for a threat actor to login versus hack in." --Morey J. Haber, Identity Attack Vectors
Who This Book Is For:
Management and implementers in IT operations, security, and auditing looking to understand and implement an Identity and Access Management (IAM) program, manage privileges in these environments, and harden their identity attack surface.
What you'll learn:
Authored by: Morey J. Haber and D. Rolls
"No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity." --Morey J. Haber, Cloud Attack Vectors
Who this book is for:
This book is for new security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloud.
What you'll learn:
Authored by: Morey J. Haber and Chris Hills
"Privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization." --Morey J. Haber, Privileged Attack Vectors
Who This Book Is For:
Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems.
What You'll Learn:
Authored by: Morey J. Haber
"In the modern enterprise, everything connected to the network is a target." --Morey J. Haber, Asset Attack Vectors
Who this book is for
New and intermediate security management professionals, auditors, and information technology staff looking to build an effective vulnerability management program and defend against asset-based cyberattacks.
What you’ll learn:
Authored by: Morey J. Haber and B. Hibbert
In this Q&A style blog, we sit down with authors of the latest second edition of Identity Attack Vectors, Morey and Darran, to explore the thought process that went into the writing of the book—and to learn more about why detecting and defending against identity threats should be the basis of all modern cybersecurity initiatives. Read on to hear from Morey and Darran exploring how identity security has emerged as a cornerstone of modern enterprise security, and much more.
In this session, join BeyondTrust’s Chief Security Advisor, Morey Haber and Founder of Cloud 10, Darran Rolls authors of the second edition of "Identity Attack Vectors," as they delve into the evolving landscape of identity-based threats and explore practical strategies for defense.
An interview with the authors of Cloud Attack Vectors
The shift to the cloud in enterprise computing has contributed to an evolution of the cybersecurity landscape—one that has pushed it well beyond the boundaries of the traditional perimeter. Work from anywhere, shadow cloud IT, overextended VPNs and remote access—these new challenges are all contributing to a continuous and exponential increase of attack vectors that are adding to the threats organizations have been battling against for years. Read on for a conversation with the authors as we explore the thought process that went into the writing of the book.
In this webcast session, cybersecurity experts and co-authors of Cloud Attack Vectors offer best practices for addressing cloud attack vectors. Learn cutting-edge strategies for building the optimal cloud defense for your organization’s unique cloud environment.
An overview of Identity Attack Vectors
Almost every successful (that means the threat actors win) cyberattack today exploits identity as an attack vector. In particular, privileged access management (PAM)—a key component of identity and governance administration (IGA)—plays a critical role in the attack chain. While part of the identity security challenge is technological, another part is organizational. At many enterprises, identity management and security run as parallel and separate entities, each with their own teams, budgets, and priorities. Read this blog for key highlights from the book and an overview of what organizations need to do to ensure the most basic levels of security for corporate identities and assets.
An interview with the Author of Privileged Attack Vectors
While privileged access posed a security threat for decades, it’s only in the last 5-7 years that the privileged attack surface has exploded and become the most dangerous IT security threat. Yet, a knowledge gap existed with regards to understanding the scope of privileged threats and how to programmatically address that prodigious risk. In the completely revised and expanded second edition of Privileged Attack Vectors reflects the significantly changing world of Privileged Access Management (PAM). Read on for a summary of what is covered in the latest edition of the book, followed by an insightful Q&A on the book, cybersecurity and PAM trends, and more with the author himself!
Today’s network environments are dynamic and perimeters are expanding, requiring multiple layers of defense to mitigate vulnerabilities and stop data breaches. In the modern enterprise, everything connected to the network and cloud is a target. In Privileged Attack Vectors, Morey Haber and Brad Hibbert explain how to build an effective vulnerability management strategy to protect an organization’s assets, applications, and data. Read this blog for an overview of the book and the key highlights that can help you build a vulnerability management program designed to work in the modern threat environment.
Request Morey Haber, Chris Hills, or a subject matter expert from BeyondTrust to speak at your next event. Contact us to receive more information.