Enterprise Cyber Risk Management as a Value Creator - Bob Chaput

Enterprise Cyber Risk Management as a Value Creator

Leverage Cybersecurity for Competitive Advantage

(Autor)

Buch | Softcover
388 Seiten
2024
Apress (Verlag)
979-8-8688-0093-1 (ISBN)
40,65 inkl. MwSt
This book will help you learn the importance of organizations treating enterprise cyber risk management (ECRM) as a value creator, a business enabler, and a mechanism to create a competitive advantage. Organizations began to see the real value of information and information technology in the mid-1980s. Forty years later, it’s time to leverage your ECRM program and cybersecurity strategy in the same way.

The main topics covered include the case for action with specific coverage on the topic of cybersecurity as a value creator, including how the courts, legislators, and regulators are raising the bar for C-suite executives and board members. The book covers how the board’s three primary responsibilities (talent management, strategy, and risk management) intersect with their ECRM responsibilities.

ECRM was once solely focused on managing the downside of risk by defending the organization from adversarial, accidental, structural, and environmental threat sources. Author BobChaput presents the view that we must focus equally on managing the upside of cyber strengths to increase customer trust and brand loyalty, improving social responsibility, driving revenue growth, lowering the cost of capital, attracting higher quality investments, creating competitive advantage, attracting and retaining talent, and facilitating M&A work. He focuses on the C-suite and board role in the first part and provides guidance on their roles and responsibilities, the most important decision about ECRM they must facilitate, and how to think differently about ECRM funding. You will learn how to the pivot from cost-center thinking to value-center thinking.

Having built the case for action, in the second part, the book details the steps that organizations must take to develop and document their ECRM program and cybersecurity strategy. The book first covers how ECRM must be integrated into business strategy. The remainder of that part presents a sample table of contents for an ECRM Program and Cybersecurity Strategy document and works through each section to facilitate development of your own program and strategy. With all the content and ideas presented, you will be able to establish, implement, and mature your program and strategy.





What You Will Learn



Read new information and treat ECRM and cybersecurity as a value creator
Receive updates on legal cases, legislative actions, and regulations that are raising the stakes for organizations, their C-suites, and boards
Think differently about funding ECRM and cybersecurity initiatives
Understand the most critical ECRM decision that boards must facilitate in their organizations
Use practical, tangible, actionable content to develop and document your ECRM program and cybersecurity strategy




“This book should be mandatory reading for C-suite executives and board members. It shows you how to move from viewingcybersecurity as a risk to avoid, and a cost center that does not add value and is overhead, to seeing cybersecurity as an enabler and part of your core strategy to transform your business and earn customer and stakeholder trust.”



—Paul Connelly, First CISO at the White House and HCA Healthcare



 

Who This Book Is For


The primary audience includes Chief Information Security Officers, Chief Risk Officers, and Chief Compliance Officers. The secondary audience includes C-suite executives and board members. The tertiary audience includes any stakeholder responsible for privacy, security, compliance, and cyber risk management or students of these topics.

Bob Chaput, NACD.DC, is the author of “Stop the Cyber Bleeding: What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management (ECRM).” He is also the Founder and Executive Chairman of Clearwater, a leading provider of cybersecurity, risk management, and HIPAA compliance software, consulting, and managed services. As a leading authority in cybersecurity regulatory compliance and enterprise cyber risk management, Bob has assisted dozens of organizations and their business partners, including Fortune 100 organizations, improve their risk posture. Bob's degrees include an MA in Mathematics from Clark University and a BA in Mathematics from the Massachusetts College of Liberal Arts. In addition to the NACD.DC Directorship Certification, Bob holds numerous privacy, security, and cyber risk management certifications. He is a faculty member at IANS Research. Bob decided to write this book to help facilitate the role of Chief Information Security Officers (CISO) to better integrate into their businesses and interact with C-suite executives and board members. As happened when Chief Information Officers (CIO) began to ‘earn a seat at the table decades ago, there is a significant communications gap between this newly discovered role, the C-suite, and the board. Bob's goal is to make CISOs and their boards successful in better understanding one another and better in managing cyber risks and opportunities. The aim of this book is to help close the communications gap by linking CISOs with the three main topics that boards deal with: talent management, strategy, and risk management.

Part I:  A Case for Action.- Chapter 1: Enterprise Cyber Risk Management as a Value Creator.- Chapter 2: SEC and Other Important Cyber Regulations.- Chapter 3: The Courts Are Picking Up the Cyber Pace.- Chapter 4: The Most Critical Cybersecurity Decision.- Chapter 5: Justifying ECRM Funding.- Chapter 6: The C-Suite and Board Role.- Part II: Building and Implementing Your ECRM Program.- Chapter 7: Integrating ECRM into Business Strategy.- Chapter 8: Getting Started.- Chapter 9: ECRM Guiding Principles and Business Alignment.- Chapter 10: Three Vital ECRM Building Blocks.- Chapter 11: Adapting Your ECRM Process to Include Cyber Opportunities.- Chapter 12: Additional Essential ECRM Program Events.- Appendix A: What to Look for in an ECRM Company and Solution.- Appendix B: Enterprise Cyber Risk Management Software (ECRMS).- Appendix C: The Benefits of a NIST-Based ECRM Approach.- Appendix D: Twenty-Five Essential Terms for Your ECRM Glossary.- AppendixE: Sample ECRM Program and Cybersecurity Strategy Table of Contents.

Erscheinungsdatum
Zusatzinfo 21 Illustrations, black and white; XLIII, 388 p. 21 illus.
Verlagsort Berlin
Sprache englisch
Maße 155 x 235 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Wirtschaft Betriebswirtschaft / Management Allgemeines / Lexika
Wirtschaft Betriebswirtschaft / Management Unternehmensführung / Management
Schlagworte Cyber legal cases • Cyber regulations • Cyber Risk Management • cybersecurity • Cybersecurity and business strategy • Cybersecurity legal cases • Cybersecurity regulations • Cybersecurity strategy • Enterprise cyber risk managemen
ISBN-13 979-8-8688-0093-1 / 9798868800931
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99