Author: Larry Clinton
Publisher: Kogan Page Publishers
ISBN: 1398606391
Category : Business & Economics
Languages : en
Pages : 265
Book Description
Balance the benefits of digital transformation with the associated risks with this guide to effectively managing cybersecurity as a strategic business issue. Important and cost-effective innovations can substantially increase cyber risk and the loss of intellectual property, corporate reputation and consumer confidence. Over the past several years, organizations around the world have increasingly come to appreciate the need to address cybersecurity issues from a business perspective, not just from a technical or risk angle. Cybersecurity for Business builds on a set of principles developed with international leaders from technology, government and the boardroom to lay out a clear roadmap of how to meet goals without creating undue cyber risk. This essential guide outlines the true nature of modern cyber risk, and how it can be assessed and managed using modern analytical tools to put cybersecurity in business terms. It then describes the roles and responsibilities each part of the organization has in implementing an effective enterprise-wide cyber risk management program, covering critical issues such as incident response, supply chain management and creating a culture of security. Bringing together a range of experts and senior leaders, this edited collection enables leaders and students to understand how to manage digital transformation and cybersecurity from a business perspective.
Cybersecurity for Business
The Business of Cyber
Author: Peter Fagan
Publisher: CRC Press
ISBN: 1003845444
Category : Business & Economics
Languages : en
Pages : 206
Book Description
This book examines the cybersecurity phenomenon, looking at the folklore, the hype, and the behaviour of its practitioners. A central theme is that the management of cybersecurity needs to be owned by the people running the organisation, rather than by the cybersecurity team, who frequently don’t have management as a core skill. In order to effect that change, managers need to have the background and detail to challenge what they are being told, enabling them to engage in a way that will result in more appropriate outcomes for the business. This book provides that background and detail. It debunks a number of cyber-myths, and calls out basic errors in the accepted thinking on cyber. The content is strongly rooted in available research and presented in an accessible manner, with a number of business-related case studies. Each chapter in the book takes a theme such as end-user behaviours and compares the available evidence with what the industry would like to have its customers believe. The conclusion is that there is definitely a problem, and we certainly need cyber defences. Just not the ones the industry is currently selling.
Publisher: CRC Press
ISBN: 1003845444
Category : Business & Economics
Languages : en
Pages : 206
Book Description
This book examines the cybersecurity phenomenon, looking at the folklore, the hype, and the behaviour of its practitioners. A central theme is that the management of cybersecurity needs to be owned by the people running the organisation, rather than by the cybersecurity team, who frequently don’t have management as a core skill. In order to effect that change, managers need to have the background and detail to challenge what they are being told, enabling them to engage in a way that will result in more appropriate outcomes for the business. This book provides that background and detail. It debunks a number of cyber-myths, and calls out basic errors in the accepted thinking on cyber. The content is strongly rooted in available research and presented in an accessible manner, with a number of business-related case studies. Each chapter in the book takes a theme such as end-user behaviours and compares the available evidence with what the industry would like to have its customers believe. The conclusion is that there is definitely a problem, and we certainly need cyber defences. Just not the ones the industry is currently selling.
Essential Cyber Security for Your Small Business: How to Protect Your Small Business from Cyber Attacks, Hackers, and Identity Thieves Without Breaking the Bank
Author: James Pearson
Publisher: Lulu.com
ISBN: 0359804179
Category : Computers
Languages : en
Pages : 94
Book Description
One in five small businesses fall victim to cybercrime each year. Cybercrime costs the global economy billions of dollars each year and is expected to continue to rise because small businesses are considered low-hanging fruit and easy prey for criminals. Inside You'll find practical, cost-effective ways to protect you, your clients' data, and your reputation from hackers, ransomware and identity thieves. You'll learn: -The truth about Windows updates and software patches -The 7 layers of security every small business must have -The top 10 ways hackers get around your firewall and anti-virus software -46 security tips to keep you safe and more.
Publisher: Lulu.com
ISBN: 0359804179
Category : Computers
Languages : en
Pages : 94
Book Description
One in five small businesses fall victim to cybercrime each year. Cybercrime costs the global economy billions of dollars each year and is expected to continue to rise because small businesses are considered low-hanging fruit and easy prey for criminals. Inside You'll find practical, cost-effective ways to protect you, your clients' data, and your reputation from hackers, ransomware and identity thieves. You'll learn: -The truth about Windows updates and software patches -The 7 layers of security every small business must have -The top 10 ways hackers get around your firewall and anti-virus software -46 security tips to keep you safe and more.
Cybersecurity: A Business Solution
Author: Rob Arnold
Publisher: Threat Sketch, LLC
ISBN: 069294415X
Category : Business & Economics
Languages : en
Pages : 100
Book Description
As a business leader, you might think you have cybersecurity under control because you have a great IT team. But managing cyber risk requires more than firewalls and good passwords. Cash flow, insurance, relationships, and legal affairs for an organization all play major roles in managing cyber risk. Treating cybersecurity as “just an IT problem” leaves an organization exposed and unprepared. Therefore, executives must take charge of the big picture. Cybersecurity: A Business Solution is a concise guide to managing cybersecurity from a business perspective, written specifically for the leaders of small and medium businesses. In this book you will find a step-by-step approach to managing the financial impact of cybersecurity. The strategy provides the knowledge you need to steer technical experts toward solutions that fit your organization’s business mission. The book also covers common pitfalls that lead to a false sense of security. And, to help offset the cost of higher security, it explains how you can leverage investments in cybersecurity to capture market share and realize more profits. The book’s companion material also includes an executive guide to The National Institute of Standards and Technology (NIST) Cybersecurity Framework. It offers a business level overview of the following key terms and concepts, which are central to managing its adoption. - Tiers - Profiles - Functions - Informative References
Publisher: Threat Sketch, LLC
ISBN: 069294415X
Category : Business & Economics
Languages : en
Pages : 100
Book Description
As a business leader, you might think you have cybersecurity under control because you have a great IT team. But managing cyber risk requires more than firewalls and good passwords. Cash flow, insurance, relationships, and legal affairs for an organization all play major roles in managing cyber risk. Treating cybersecurity as “just an IT problem” leaves an organization exposed and unprepared. Therefore, executives must take charge of the big picture. Cybersecurity: A Business Solution is a concise guide to managing cybersecurity from a business perspective, written specifically for the leaders of small and medium businesses. In this book you will find a step-by-step approach to managing the financial impact of cybersecurity. The strategy provides the knowledge you need to steer technical experts toward solutions that fit your organization’s business mission. The book also covers common pitfalls that lead to a false sense of security. And, to help offset the cost of higher security, it explains how you can leverage investments in cybersecurity to capture market share and realize more profits. The book’s companion material also includes an executive guide to The National Institute of Standards and Technology (NIST) Cybersecurity Framework. It offers a business level overview of the following key terms and concepts, which are central to managing its adoption. - Tiers - Profiles - Functions - Informative References
Cybersecurity Program Development for Business
Author: Chris Moschovitis
Publisher: John Wiley & Sons
ISBN: 1119430003
Category : Computers
Languages : en
Pages : 215
Book Description
"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot. It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read." —Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer Delight Get answers to all your cybersecurity questions In 2016, we reached a tipping point—a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk. This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it’s a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise. Unlike other cybersecurity books, the text is not bogged down with industry jargon Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs Shows you how to make pragmatic, rational, and informed decisions for your organization Written by a top-flight technologist with decades of experience and a track record of success If you’re a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.
Publisher: John Wiley & Sons
ISBN: 1119430003
Category : Computers
Languages : en
Pages : 215
Book Description
"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot. It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read." —Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer Delight Get answers to all your cybersecurity questions In 2016, we reached a tipping point—a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk. This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it’s a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise. Unlike other cybersecurity books, the text is not bogged down with industry jargon Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs Shows you how to make pragmatic, rational, and informed decisions for your organization Written by a top-flight technologist with decades of experience and a track record of success If you’re a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.
Cyber Rules
Author: Thomas M. Siebel
Publisher: Broadway Business
ISBN: 9780385494120
Category : Business & Economics
Languages : en
Pages : 312
Book Description
The founder of the billion-dollar customer service information firm, Siebel Systems, advises entrepreneurs and executives on how to increase their profits by doing business via the Internet and how to avoid common pitfalls.
Publisher: Broadway Business
ISBN: 9780385494120
Category : Business & Economics
Languages : en
Pages : 312
Book Description
The founder of the billion-dollar customer service information firm, Siebel Systems, advises entrepreneurs and executives on how to increase their profits by doing business via the Internet and how to avoid common pitfalls.
Solving Cyber Risk
Author: Andrew Coburn
Publisher: John Wiley & Sons
ISBN: 1119490928
Category : Business & Economics
Languages : en
Pages : 322
Book Description
The non-technical handbook for cyber security risk management Solving Cyber Risk distills a decade of research into a practical framework for cyber security. Blending statistical data and cost information with research into the culture, psychology, and business models of the hacker community, this book provides business executives, policy-makers, and individuals with a deeper understanding of existing future threats, and an action plan for safeguarding their organizations. Key Risk Indicators reveal vulnerabilities based on organization type, IT infrastructure and existing security measures, while expert discussion from leading cyber risk specialists details practical, real-world methods of risk reduction and mitigation. By the nature of the business, your organization’s customer database is packed with highly sensitive information that is essentially hacker-bait, and even a minor flaw in security protocol could spell disaster. This book takes you deep into the cyber threat landscape to show you how to keep your data secure. Understand who is carrying out cyber-attacks, and why Identify your organization’s risk of attack and vulnerability to damage Learn the most cost-effective risk reduction measures Adopt a new cyber risk assessment and quantification framework based on techniques used by the insurance industry By applying risk management principles to cyber security, non-technical leadership gains a greater understanding of the types of threat, level of threat, and level of investment needed to fortify the organization against attack. Just because you have not been hit does not mean your data is safe, and hackers rely on their targets’ complacence to help maximize their haul. Solving Cyber Risk gives you a concrete action plan for implementing top-notch preventative measures before you’re forced to implement damage control.
Publisher: John Wiley & Sons
ISBN: 1119490928
Category : Business & Economics
Languages : en
Pages : 322
Book Description
The non-technical handbook for cyber security risk management Solving Cyber Risk distills a decade of research into a practical framework for cyber security. Blending statistical data and cost information with research into the culture, psychology, and business models of the hacker community, this book provides business executives, policy-makers, and individuals with a deeper understanding of existing future threats, and an action plan for safeguarding their organizations. Key Risk Indicators reveal vulnerabilities based on organization type, IT infrastructure and existing security measures, while expert discussion from leading cyber risk specialists details practical, real-world methods of risk reduction and mitigation. By the nature of the business, your organization’s customer database is packed with highly sensitive information that is essentially hacker-bait, and even a minor flaw in security protocol could spell disaster. This book takes you deep into the cyber threat landscape to show you how to keep your data secure. Understand who is carrying out cyber-attacks, and why Identify your organization’s risk of attack and vulnerability to damage Learn the most cost-effective risk reduction measures Adopt a new cyber risk assessment and quantification framework based on techniques used by the insurance industry By applying risk management principles to cyber security, non-technical leadership gains a greater understanding of the types of threat, level of threat, and level of investment needed to fortify the organization against attack. Just because you have not been hit does not mean your data is safe, and hackers rely on their targets’ complacence to help maximize their haul. Solving Cyber Risk gives you a concrete action plan for implementing top-notch preventative measures before you’re forced to implement damage control.
Industry of Anonymity
Author: Jonathan Lusthaus
Publisher: Harvard University Press
ISBN: 0674979419
Category : Social Science
Languages : en
Pages : 305
Book Description
The most extensive account yet of the lives of cybercriminals and the vast international industry they have created, deeply sourced and based on field research in the world’s technology-crime hotspots. Cybercrime seems invisible. Attacks arrive out of nowhere, their origins hidden by layers of sophisticated technology. Only the victims are clear. But every crime has its perpetrator—specific individuals or groups sitting somewhere behind keyboards and screens. Jonathan Lusthaus lifts the veil on the world of these cybercriminals in the most extensive account yet of the lives they lead, and the vast international industry they have created. We are long past the age of the lone adolescent hacker tapping away in his parents’ basement. Cybercrime now operates like a business. Its goods and services may be illicit, but it is highly organized, complex, driven by profit, and globally interconnected. Having traveled to cybercrime hotspots around the world to meet with hundreds of law enforcement agents, security gurus, hackers, and criminals, Lusthaus takes us inside this murky underworld and reveals how this business works. He explains the strategies criminals use to build a thriving industry in a low-trust environment characterized by a precarious combination of anonymity and teamwork. Crime takes hold where there is more technical talent than legitimate opportunity, and where authorities turn a blind eye—perhaps for a price. In the fight against cybercrime, understanding what drives people into this industry is as important as advanced security. Based on seven years of fieldwork from Eastern Europe to West Africa, Industry of Anonymity is a compelling and revealing study of a rational business model which, however much we might wish otherwise, has become a defining feature of the modern world.
Publisher: Harvard University Press
ISBN: 0674979419
Category : Social Science
Languages : en
Pages : 305
Book Description
The most extensive account yet of the lives of cybercriminals and the vast international industry they have created, deeply sourced and based on field research in the world’s technology-crime hotspots. Cybercrime seems invisible. Attacks arrive out of nowhere, their origins hidden by layers of sophisticated technology. Only the victims are clear. But every crime has its perpetrator—specific individuals or groups sitting somewhere behind keyboards and screens. Jonathan Lusthaus lifts the veil on the world of these cybercriminals in the most extensive account yet of the lives they lead, and the vast international industry they have created. We are long past the age of the lone adolescent hacker tapping away in his parents’ basement. Cybercrime now operates like a business. Its goods and services may be illicit, but it is highly organized, complex, driven by profit, and globally interconnected. Having traveled to cybercrime hotspots around the world to meet with hundreds of law enforcement agents, security gurus, hackers, and criminals, Lusthaus takes us inside this murky underworld and reveals how this business works. He explains the strategies criminals use to build a thriving industry in a low-trust environment characterized by a precarious combination of anonymity and teamwork. Crime takes hold where there is more technical talent than legitimate opportunity, and where authorities turn a blind eye—perhaps for a price. In the fight against cybercrime, understanding what drives people into this industry is as important as advanced security. Based on seven years of fieldwork from Eastern Europe to West Africa, Industry of Anonymity is a compelling and revealing study of a rational business model which, however much we might wish otherwise, has become a defining feature of the modern world.
Rational Cybersecurity for Business
Author: Dan Blum
Publisher: Apress
ISBN: 9781484259511
Category : Computers
Languages : en
Pages : 330
Book Description
Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. What You Will Learn Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan Who This Book Is For Chief Information Security Officers (CISOs) and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business
Publisher: Apress
ISBN: 9781484259511
Category : Computers
Languages : en
Pages : 330
Book Description
Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. What You Will Learn Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan Who This Book Is For Chief Information Security Officers (CISOs) and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business
The CISO Evolution
Author: Matthew K. Sharp
Publisher: John Wiley & Sons
ISBN: 1119782481
Category : Computers
Languages : en
Pages : 423
Book Description
Learn to effectively deliver business aligned cybersecurity outcomes In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos “Rock” Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes. The authors use illustrative stories to show professionals how to establish an executive presence and avoid the most common pitfalls experienced by technology experts when speaking and presenting to executives. The book will show you how to: Inspire trust in senior business leaders by properly aligning and setting expectations around risk appetite and capital allocation Properly characterize the indispensable role of cybersecurity in your company’s overall strategic plan Acquire the necessary funding and resources for your company’s cybersecurity program and avoid the stress and anxiety that comes with underfunding Perfect for security and risk professionals, IT auditors, and risk managers looking for effective strategies to communicate cybersecurity concepts and ideas to business professionals without a background in technology. The CISO Evolution is also a must-read resource for business executives, managers, and leaders hoping to improve the quality of dialogue with their cybersecurity leaders.
Publisher: John Wiley & Sons
ISBN: 1119782481
Category : Computers
Languages : en
Pages : 423
Book Description
Learn to effectively deliver business aligned cybersecurity outcomes In The CISO Evolution: Business Knowledge for Cybersecurity Executives, information security experts Matthew K. Sharp and Kyriakos “Rock” Lambros deliver an insightful and practical resource to help cybersecurity professionals develop the skills they need to effectively communicate with senior management and boards. They assert business aligned cybersecurity is crucial and demonstrate how business acumen is being put into action to deliver meaningful business outcomes. The authors use illustrative stories to show professionals how to establish an executive presence and avoid the most common pitfalls experienced by technology experts when speaking and presenting to executives. The book will show you how to: Inspire trust in senior business leaders by properly aligning and setting expectations around risk appetite and capital allocation Properly characterize the indispensable role of cybersecurity in your company’s overall strategic plan Acquire the necessary funding and resources for your company’s cybersecurity program and avoid the stress and anxiety that comes with underfunding Perfect for security and risk professionals, IT auditors, and risk managers looking for effective strategies to communicate cybersecurity concepts and ideas to business professionals without a background in technology. The CISO Evolution is also a must-read resource for business executives, managers, and leaders hoping to improve the quality of dialogue with their cybersecurity leaders.