Cybersecurity Program Development for BusinessThe Essential Planning Guide
"This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot. It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read." —Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer DelightGet answers to all your cybersecurity questions In 2016, we reached a tipping point—a moment where the global and local implications of cybersecurity became undeniable. Despite the seriousness of the topic, the term "cybersecurity" still exasperates many people. They feel terrorized and overwhelmed. The majority of business people have very little understanding of cybersecurity, how to manage it, and what's really at risk. This essential guide, with its dozens of examples and case studies, breaks down every element of the development and management of a cybersecurity program for the executive. From understanding the need, to core risk management principles, to threats, tools, roles and responsibilities, this book walks the reader through each step of developing and implementing a cybersecurity program. Read cover-to-cover, it’s a thorough overview, but it can also function as a useful reference book as individual questions and difficulties arise. Unlike other cybersecurity books, the text is not bogged down with industry jargon Speaks specifically to the executive who is not familiar with the development or implementation of cybersecurity programs Shows you how to make pragmatic, rational, and informed decisions for your organization Written by a top-flight technologist with decades of experience and a track record of success If you’re a business manager or executive who needs to make sense of cybersecurity, this book demystifies it for you.
Foreword vii Preface xi About The Author xiii Acknowledgments xv CHAPTER 1 Understanding Risk 1 CHAPTER 2 Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids) 9 CHAPTER 3 A Cybersecurity Primer 15 CHAPTER 4 Management, Governance, and Alignment 47 CHAPTER 5 Your Cybersecurity Program: A High-Level Overview 67 CHAPTER 6 Assets 81 CHAPTER 7 Threats 95 CHAPTER 8 Vulnerabilities 105 CHAPTER 9 Environments 113 CHAPTER 10 Controls 131 CHAPTER 11 Incident-Response Planning 147 CHAPTER 12 People 163 CHAPTER 13 Living Cybersecure! 175 Bibliography 187 Appendix: Clear And Present Danger 195 Index 199
CHRIS MOSCHOVITIS is the founder of tmg-emedia, a consultancy focused on providing independent technology and cybersecurity management expertise, development, and outsourcing services. It is one of the premier independent consulting firms in the country. He is sought after by private industry, government, and nonprofits for his ability to explain complex IT and cybersecurity topics to executives.
Clear and jargon free, Cybersecurity Program Development for Business offers a down-to-earth guide for business executives who have little or no understanding of cybersecurity. If you are ultimately responsible for making pragmatic, rational, and informed decisions about cybersecurity for your organization, yet feeling unprepared for the role, this book is for you. Written by cybersecurity consultant Chris Moschovitis, Cybersecurity Program Development for Business puts the topic of cybersecurity into perspective by eschewing the typical list of scary statistics and not buying into doom-and-gloom scenarios. Instead, the author takes a direct approach and uses simple terminology that helps build confidence and offers hope. This book outlines a step-by-step, actionable strategy that will give you the ability to participate in the conversation with your technical experts. Imagine joining the conversation with the same experts who in the past were talking above your head and around you. Cybersecurity Program Development for Business explains why cybersecurity is needed and outlines the core risk management principles including guidelines on threats, tools, roles, and responsibilities. This essential guide is filled with dozens of real-world examples and case studies from a variety of businesses and industries that explore every element of the development and management of an effective cybersecurity program. In one volume, the author presents a comprehensive review of what it takes to understand, develop, and implement a cybersecurity program. This book is the clear and logical guide that will become a well-thumbed resource and a useful reference as individual questions and challenges arise.
Praise for Cybersecurity Program Development for Business "This is the book executives have been waiting for. It is clear: With deep expertise but in nontechnical language, it describes what cybersecurity risks are and the decisions executives need to make to address them. It is crisp: Quick and to the point, it doesn't waste words and won't waste your time. It is candid: There is no sure cybersecurity defense, and Chris Moschovitis doesn't pretend there is; instead, he tells you how to understand your company's risk and make smart business decisions about what you can mitigate and what you cannot. It is also, in all likelihood, the only book ever written (or ever to be written) about cybersecurity defense that is fun to read." —Thomas A. Stewart, Executive Director, National Center for the Middle Market and Co-Author of Woo, Wow, and Win: Service Design, Strategy, and the Art of Customer Delight "In my days as a Commanding Officer of U. S. Coast Guard ships at sea, I developed a deeply held respect for the notion of preparing well so as to perform well. Chris Moschovitis challenges a new generation to embrace that philosophy. He encourages us to recognize how overwhelming the flood of guidance and advice can be to leaders in either business or government … especially when the topic seems more difficult to understand every day. Chris reaches backward into his own experience and lessons learned to design a practical approach to protecting the things for which those leaders are responsible. This book is not Cybersecurity for Dummies. Rather, it offers the insights and pathways important to those willing to do the hard work up front that will enable them to succeed when it counts. Indeed, Preparation Equals Performance." —James M. Loy, Admiral, United States Coast Guard (Ret), Commandant, USCG 1998-2002, Administrator, Transportation Security Administration 2002-2003, Deputy Secretary, U. S. Department of Homeland, Security 2003-2005, Senior Counselor, The Cohen Group 2005-Present "Cybersecurity Program Development for Business by Chris Moschovitis is a great addition to any executive's library of practical, how-to books on a cutting-edge (even bleeding-edge) topic – how to secure your organization's cyber resilience. The book acts not only as a primer but as a deeply knowledgeable and even entertaining resource full of useful examples and guidance. In this age of simultaneous hyper-transparency and hyper-opacity, it is critical that all executives and boards become at least conversant in what is going on in cyber — this book gives them that helpful roadmap." —Dr. Andrea Bonime-Blanc, CEO and Founder, GEC Risk Advisory, Co-Author of The Artificial Intelligence Imperative: A Practical Roadmap for Business (Praeger 2018) "An amazing, holistic, practical, accessible and enlightening view on cybersecurity acting as a business enabler. For those who believe that stakeholder trust is a must for their business in today’s data-driven world. For security and technology professionals who need to talk business. And, for executives that need to talk cyber. An essential guide for both.” —Dr. Christos K. Dimitriadis, ISACA Board Chair 2015-2017, CISO Intralot “Cybersecurity Program Development for Business offers executives a rare look into the cybersecurity world in a pragmatic and jargon-free manner. Chris Moschovitis shows us how cyber enables rather than constrains business. It’s refreshing to find a book on this subject that could easily become the must-have for an executive’s desk!” —Jo Stewart-Rattray, CISM CGEIT CISA CRISC CP, Director of Information Security & IT Assurance, BRM Holdich, Director, International Board of Directors, ISACA “A must-read book by an experienced practitioner and respected cyber security strategist. Chris Moschovitis provides an extraordinarily clear-eyed and concise perspective on the challenges of developing and executing cyber-security strategies in complex real-world environments. His deep understanding and keen insight create a valuable book that is both practical and actionable. Cyber-attacks have become ubiquitous; buy this book if you want to avoid becoming an easy target.” —Mike Barlow, Author of Learning to Love Data Science, Co-author of Partnering with the CIO and Smart Cities, Smart Future “Chris Moschovitis provides relief to business leaders from cybersecurity-induced sleepless nights. His plain talk provides understanding of cyber risks to enable focus on building organizational capabilities that will instill confidence in the pursuit of business outcomes while mitigating the potential for business interruption.” —Matt Loeb, CGEIT, CAE, FASAE, Chief Executive Officer, ISACA
NeuheitenDesign of Piezo Inkjet Print Heads 142,99 €
Design of Piezo Inkjet Print Heads 142,99 €
Aptamers for Analytical Applications 124,99 €
The New Authoritarianism 9,99 €
Why Does Patriarchy Persist? 9,99 €