Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant. Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls,…mehr
Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant. Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls, including malware, data leakage, insider threat and Denial-of-Service. Examples and use cases including Yahoo, Facebook and TalkTalk, add context throughout and emphasize the importance of communicating security and risk effectively, while implementation review checklists bring together key points at the end of each chapter. Cyber Risk Management analyzes the innate human factors around risk and how they affect cyber awareness and employee training, along with the need to assess the risks posed by third parties. Including an introduction to threat modelling, this book presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on responding to risks which are applicable for the environment and not just based on media sensationalism.
Christopher J Hodson is Chief Security Officer for Cyberhaven where he oversees all facets of security to protect Cyberhaven customers and employees, including cloud and application security, security operations, and risk management. In addition, Chris serves as a board advisor at the workforce development platform, Cybrary, and is a fellow of the Chartered Institute of Information Security. He has previously held CISO positions with Contentful, Zscaler, and Tanium. He is a guest lecturer at Royal Holloway, University of London where he also holds a master's degree in computer and information systems security.
Inhaltsangabe
Section ONE: Contextualizing cybersecurity risk; Chapter 01: Why now? The only constant is change; Chapter 02: Technologies and security challenges; Chapter 03: Data breaches; Section TWO: Cybersecurity programme management; Chapter 04: What are cybersecurity and cybercrime?; Chapter 05: Establishing a cybersecurity programme; Section THREE: Actors, events and vulnerabilities; Chapter 06: Threat actors; Chapter 07: Threat events; Chapter 08: Vulnerabilities; Chapter 09: Controls; Section FOUR: Conclusion The cybersecurity risk equation explained; Chapter 10: Cyber risk management A conclusion
