Rational Cybersecurity for Business
Apress (Verlag)
978-1-4842-5951-1 (ISBN)
Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this.
Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges.
This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included.
What You Will Learn
Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy
Develop a consistent accountability model, information risk taxonomy, and risk management framework
Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend
Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets
Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more
Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities
Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger
Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan
Who This Book Is For
Chief Information Security Officers (CISOs)and other heads of security, security directors and managers, security architects and project leads, and other team members providing security leadership to your business
Dan Blum is an internationally recognized cybersecurity and risk management strategist. He is a former Golden Quill Award-winning VP, Distinguished Analyst at Gartner, Inc., and has served as the de facto head of security for startups and consulting companies. He's advised hundreds of corporations, universities, and government organizations, and currently partners with top media, analyst firms, and clients to produce cybersecurity thought leadership research and to deliver cybersecurity workshops and coaching for security leaders.
Chapter 1: Executive Overview.- Chapter 2: Identify and Align Security-Related Roles .- Chapter 3: Put the Right Security Governance Model in Place.- Chapter 4: Strengthen Security Culture through Effective Communications and Awareness Programs.- Chapter 5: Manage Risk in the Language of Business.- Chapter 6: Establish a Control Baseline.- Chapter 7: Simplify and Rationalize IT and Security.- Chapter 8: Control Access with Minimal Drag on the Business.- Chapter 9: Institute Resilience Through Detection, Response, and Recovery.- Chapter 10: Create Your Rational Cybersecurity Success Plan.- Glossary of Terms and Acronyms.
Erscheinungsdatum | 21.08.2020 |
---|---|
Zusatzinfo | 102 Illustrations, black and white; XXVI, 333 p. 102 illus. |
Verlagsort | Berkley |
Sprache | englisch |
Maße | 178 x 254 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Schlagworte | Agile security • Cyber-resilience • cybersecurity • Cybersecurity maturity model • Cybersecurity RACIs • Cybersecurity strategy • DevSecOps • modern identity • Rational cybersecurity • Risk Management • Security championship • Security Culture • security governance • shared responsibility |
ISBN-10 | 1-4842-5951-3 / 1484259513 |
ISBN-13 | 978-1-4842-5951-1 / 9781484259511 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich