Book description
"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot.
It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read."
—Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer DelightGet answers to all your cybersecurity questions
In 2016, we reached a tipping point—a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk.
This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it’s a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise.
- Unlike other cybersecurity books, the text is not bogged down with industry jargon
- Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs
- Shows you how to make pragmatic, rational, and informed decisions for your organization
- Written by a top-flight technologist with decades of experience and a track record of success
If you’re a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.
Table of contents
- COVER
- TITLE PAGE
- FOREWORD
- PREFACE
- ABOUT THE AUTHOR
- ACKNOWLEDGMENTS
- CHAPTER 1: Understanding Risk
- CHAPTER 2: Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids)
-
CHAPTER 3: A Cybersecurity Primer
- Cybersecurity Defined
- The Meaning of Security
- Measuring Cybersecurity's Success
- Deter, Identify, Protect, Detect, Respond
- Cybersecurity Controls and Defense in Depth
- Defense in Depth
- The Threats
- Threat Agents
- Key Trends Influencing Threat Agents
- The Nature of Hackers
- Attack Process
- Types of Attacks
- A Brief Cyberglossary of Terms
- CHAPTER 4: Management, Governance, and Alignment
- CHAPTER 5: Your Cybersecurity Program: A High‐Level Overview
- CHAPTER 6: Assets
- CHAPTER 7: Threats
- CHAPTER 8: Vulnerabilities
- CHAPTER 9: Environments
- CHAPTER 10: Controls
- CHAPTER 11: Incident‐Response Planning
- CHAPTER 12: People
- CHAPTER 13: Living Cybersecure!
- BIBLIOGRAPHY
- APPENDIX: Clear and Present Danger
- INDEX
- END USER LICENSE AGREEMENT
Product information
- Title: Cybersecurity Program Development for Business
- Author(s):
- Release date: May 2018
- Publisher(s): Wiley
- ISBN: 9781119429517
You might also like
book
The Cyber Risk Handbook
Actionable guidance and expert perspective for real-world cybersecurity The Cyber Risk Handbook is the practitioner's guide …
book
How to Measure Anything in Cybersecurity Risk
A ground shaking exposé on the failure of popular cyber risk management methods How to Measure …
book
Threat Modeling: Designing for Security
Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of …
book
Cybersecurity Blue Team Toolkit
A practical handbook to cybersecurity for both tech and non-tech professionals As reports of major data …