CHAPTER 11A Cybersecurity Primer

It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it.

—Stéphane Nappo, global chief information security officer, Société Générale International Banking

This chapter will be our core resource for cybersecurity program development. Remember, we'll layer privacy in later. You need to know the cybersecurity fundamentals first.

The material below, which is adapted from my first book, is stripped down to the essentials, the “need to know” stuff. You can refer to it again and again to refresh your understanding, look up a term, and review essential principles.

Think of this chapter as the essential ingredient for what will eventually become our privacy and cybersecurity program. In Part 1, you got intimate with the first ingredient: privacy! This, here and now, is the cybersecurity ingredient.

Cybersecurity Defined

This is my definition of cybersecurity; it is the same one I used in the first book, and it remains unchanged:

There are other definitions out there, most with more complexity. But I—and I'd hazard most businesspeople—needed something different: a simple, meaningful definition we can pin to our monitors, consult frequently, and easily understand.

This definition includes the dynamic nature ...

Get Privacy, Regulations, and Cybersecurity now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.